dd9309c15e
Initial vendor list validated with empty $GOPATH and only master checked out; followed by `make` and verified that all binaries build properly. Updates require github.com/LK4D4/vndr tool. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
45 lines
1,000 B
Go
45 lines
1,000 B
Go
// Copyright 2016 Apcera Inc. All rights reserved.
|
|
|
|
package auth
|
|
|
|
import (
|
|
"github.com/nats-io/gnatsd/server"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
// Plain authentication is a basic username and password
|
|
type MultiUser struct {
|
|
users map[string]*server.User
|
|
}
|
|
|
|
// Create a new multi-user
|
|
func NewMultiUser(users []*server.User) *MultiUser {
|
|
m := &MultiUser{users: make(map[string]*server.User)}
|
|
for _, u := range users {
|
|
m.users[u.Username] = u
|
|
}
|
|
return m
|
|
}
|
|
|
|
// Check authenticates the client using a username and password against a list of multiple users.
|
|
func (m *MultiUser) Check(c server.ClientAuth) bool {
|
|
opts := c.GetOpts()
|
|
user, ok := m.users[opts.Username]
|
|
if !ok {
|
|
return false
|
|
}
|
|
pass := user.Password
|
|
|
|
// Check to see if the password is a bcrypt hash
|
|
if isBcrypt(pass) {
|
|
if err := bcrypt.CompareHashAndPassword([]byte(pass), []byte(opts.Password)); err != nil {
|
|
return false
|
|
}
|
|
} else if pass != opts.Password {
|
|
return false
|
|
}
|
|
|
|
c.RegisterUser(user)
|
|
|
|
return true
|
|
}
|