forked from nats-io/nats-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplain.go
40 lines (32 loc) · 853 Bytes
/
plain.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
// Copyright 2014-2015 Apcera Inc. All rights reserved.
package auth
import (
"strings"
"github.com/nats-io/gnatsd/server"
"golang.org/x/crypto/bcrypt"
)
const bcryptPrefix = "$2a$"
func isBcrypt(password string) bool {
return strings.HasPrefix(password, bcryptPrefix)
}
// Plain authentication is a basic username and password
type Plain struct {
Username string
Password string
}
// Check authenticates the client using a username and password
func (p *Plain) Check(c server.ClientAuth) bool {
opts := c.GetOpts()
if p.Username != opts.Username {
return false
}
// Check to see if the password is a bcrypt hash
if isBcrypt(p.Password) {
if err := bcrypt.CompareHashAndPassword([]byte(p.Password), []byte(opts.Password)); err != nil {
return false
}
} else if p.Password != opts.Password {
return false
}
return true
}