summaryrefslogtreecommitdiff
path: root/pkg/basic_auth/middleware.go
diff options
context:
space:
mode:
authorJulien Dessaux2024-11-16 00:36:17 +0100
committerJulien Dessaux2024-11-16 00:36:17 +0100
commit5b6da560896970c610c691dff6ed052a57ed5a1d (patch)
tree7ec12f39943513230659d3068d59e8687770f053 /pkg/basic_auth/middleware.go
parentfix(tfstated): return 403 Forbidden on non existent account (diff)
downloadtfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.tar.gz
tfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.tar.bz2
tfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.zip
fix(tfstated): hash passwords instead of relying on the database encryption key
Diffstat (limited to 'pkg/basic_auth/middleware.go')
-rw-r--r--pkg/basic_auth/middleware.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go
index 1b51c8a..7f8fb4a 100644
--- a/pkg/basic_auth/middleware.go
+++ b/pkg/basic_auth/middleware.go
@@ -27,7 +27,7 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
- if password != account.Password {
+ if !account.CheckPassword(password) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}