dashboard: don't check authentication if user and password is empty

This commit is contained in:
fatedier 2017-05-15 21:30:13 +08:00
parent 3f17837a2c
commit 2883d70ea9
1 changed files with 5 additions and 3 deletions

View File

@ -84,7 +84,7 @@ type AuthWraper struct {
func (aw *AuthWraper) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (aw *AuthWraper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
user, passwd, hasAuth := r.BasicAuth() user, passwd, hasAuth := r.BasicAuth()
if hasAuth && user == aw.user || passwd == aw.passwd { if (aw.user == "" && aw.passwd == "") || (hasAuth && user == aw.user || passwd == aw.passwd) {
aw.h.ServeHTTP(w, r) aw.h.ServeHTTP(w, r)
} else { } else {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
@ -103,7 +103,8 @@ func basicAuthWraper(h http.Handler) http.Handler {
func basicAuth(h http.HandlerFunc) http.HandlerFunc { func basicAuth(h http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
user, passwd, hasAuth := r.BasicAuth() user, passwd, hasAuth := r.BasicAuth()
if hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd { if (config.ServerCommonCfg.DashboardUser == "" && config.ServerCommonCfg.DashboardPwd == "") ||
(hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd) {
h.ServeHTTP(w, r) h.ServeHTTP(w, r)
} else { } else {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
@ -115,7 +116,8 @@ func basicAuth(h http.HandlerFunc) http.HandlerFunc {
func httprouterBasicAuth(h httprouter.Handle) httprouter.Handle { func httprouterBasicAuth(h httprouter.Handle) httprouter.Handle {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
user, passwd, hasAuth := r.BasicAuth() user, passwd, hasAuth := r.BasicAuth()
if hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd { if (config.ServerCommonCfg.DashboardUser == "" && config.ServerCommonCfg.DashboardPwd == "") ||
(hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd) {
h(w, r, ps) h(w, r, ps)
} else { } else {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)