phares3757/gatus
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(security)!: Remove deprecated SHA512 parameter for password hashing

Browse Source
This commit is contained in:
TwiN
2022-06-14 23:48:28 -04:00
parent 6f3150d936
commit c873b0ba0c
7 changed files with 5 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
security/config.go
View File

@ -3,7 +3,6 @@ package security
import (
"encoding/base64"
"net/http"
"strings"
"github.com/TwiN/g8"
"github.com/gorilla/mux"
@ -82,13 +81,6 @@ func (c *Config) ApplySecurityMiddleware(api *mux.Router) error {
_, _ = w.Write([]byte("Unauthorized"))
return
}
} else if len(c.Basic.PasswordSha512Hash) > 0 {
if !ok || usernameEntered != c.Basic.Username || Sha512(passwordEntered) != strings.ToLower(c.Basic.PasswordSha512Hash) {
w.Header().Set("WWW-Authenticate", "Basic")
w.WriteHeader(http.StatusUnauthorized)
_, _ = w.Write([]byte("Unauthorized"))
return
}
}
handler.ServeHTTP(w, r)
})