tsivinsky/podcast-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f276b28be7dd68709fc5e9d0295e11df2dd2fcde
podcast-api/subsonic/auth.go
Daniil Tsivinsky f276b28be7 init
2026-03-05 13:22:00 +03:00

52 lines
1001 B
Go
Raw Blame History

package subsonic
import (
"crypto/md5"
"encoding/hex"
"fmt"
"net/http"
"strings"
)
func verifyAgainstPassword(userPassword, passwordParam string) bool {
p := passwordParam
if strings.HasPrefix(passwordParam, "enc:") {
b, err := hex.DecodeString(passwordParam)
if err != nil {
return false
}
p = string(b)
}
return userPassword == p
}
func verifyAgainstToken(password, token, salt string) bool {
hash := md5.Sum([]byte(password + salt))
return hex.EncodeToString(hash[:]) == token
}
func VerifyUser(r *http.Request, username, password string) error {
u := r.URL.Query().Get("u")
if u == "" {
return fmt.Errorf("username parameter missing")
}
p := r.URL.Query().Get("p")
if p != "" {
ok := verifyAgainstPassword(password, p)
if !ok {
return fmt.Errorf("passwords don't match")
}
return nil
}
t := r.URL.Query().Get("t")
s := r.URL.Query().Get("s")
if !verifyAgainstToken(password, t, s) {
return fmt.Errorf("passwords don't match")
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink