Permalink
Browse files

Fix failing unit tests: test-basic/testIsAuthenticatedFalseSamePassword

  • Loading branch information...
1 parent 7d084ef commit 623b312516bc3e2c091223c30b9bf51d92190c6d @strager strager committed Jan 25, 2012
Showing with 20 additions and 12 deletions.
  1. +20 −12 lib/auth/basic.js
View
@@ -62,21 +62,29 @@ Basic.prototype.isAuthenticated = function(request) {
// If header exists.
if("authorization" in request.headers) {
var header = request.headers.authorization;
- var user = header.split(" ")[1];
+ var clientUserString = header.split(" ")[1];
// Searching for user in user list.
- if(user) {
- for(var i = 0; i < this.users.length; ++i) {
- var passwordHash = this.users[i].split(":")[1];
- var password = utils.decodeBase64(user).split(":")[1];
+ if(clientUserString) {
+ var clientUser = utils.decodeBase64(clientUserString).split(":");
+ var clientUserName = clientUser[0];
+ var clientPasswordHash = clientUser[1];
- if(passwordHash && typeof passwordHash === 'string') {
- if(htpasswd.validate(passwordHash, password)) {
- authenticated = true;
- break;
- }
- }
- }
+ if(clientUserName && clientPasswordHash) {
+ for(var i = 0; i < this.users.length; ++i) {
+ var myUser = this.users[i].split(":");
+ var myUserName = myUser[0];
+ var myPasswordHash = myUser[1];
+
+ // Ensure the username and password both match.
+ if(myUserName === clientUserName) {
+ if(htpasswd.validate(clientPasswordHash, myPasswordHash)) {
+ authenticated = true;
+ break;
+ }
+ }
+ }
+ }
}
}

0 comments on commit 623b312

Please sign in to comment.