opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-28 11:42:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Macaron: remove custom Request type (#37874)

Browse Source 
* remove macaron.Request, use http.Request instead

* remove com dependency from bindings module

* fix another c.Req.Request
This commit is contained in:
Serge Zaitsev
2021-09-01 11:18:30 +02:00
committed by GitHub
parent 56f61001a8
commit c3ab2fdeb7
35 changed files with 1205 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/api/basic_auth.go
View File

@ -2,15 +2,14 @@ package api
import (
"crypto/subtle"
macaron "gopkg.in/macaron.v1"
"net/http"
)
// BasicAuthenticatedRequest parses the provided HTTP request for basic authentication credentials
// and returns true if the provided credentials match the expected username and password.
// Returns false if the request is unauthenticated.
// Uses constant-time comparison in order to mitigate timing attacks.
func BasicAuthenticatedRequest(req macaron.Request, expectedUser, expectedPass string) bool {
func BasicAuthenticatedRequest(req *http.Request, expectedUser, expectedPass string) bool {
user, pass, ok := req.BasicAuth()
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(expectedUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(expectedPass)) != 1 {
return false