couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject [1/5] git commit: updated refs/heads/1.1.x to a839f7e
Date Tue, 23 Apr 2013 13:43:06 GMT
Updated Branches:
  refs/heads/1.1.x 16466f7fe -> a839f7e06
  refs/heads/1.2.x 30b48e6a2 -> 7cdedb028
  refs/heads/1.3.x bd0342d1a -> 9d41ea8a4
  refs/heads/master 0838d8d61 -> ae6f1ebd8


Make cardinality of result explicit, remove join hacks


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/a839f7e0
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/a839f7e0
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/a839f7e0

Branch: refs/heads/1.1.x
Commit: a839f7e06ef22d4c747e58d1b0e51dd587775e62
Parents: 43135c7
Author: Robert Newson <rnewson@apache.org>
Authored: Mon Nov 19 10:55:57 2012 +0000
Committer: Robert Newson <rnewson@apache.org>
Committed: Tue Apr 23 14:30:39 2013 +0100

----------------------------------------------------------------------
 share/www/script/test/users_db.js |   18 ++++++++++++++++++
 src/couchdb/couch_httpd_auth.erl  |   17 +++++++++--------
 2 files changed, 27 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/a839f7e0/share/www/script/test/users_db.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/users_db.js b/share/www/script/test/users_db.js
index 1e13e5d..b2966b2 100644
--- a/share/www/script/test/users_db.js
+++ b/share/www/script/test/users_db.js
@@ -111,6 +111,24 @@ couchTests.users_db = function(debug) {
       T(e.reason == "doc.roles must be an array");
     }
     jchrisUserDoc.roles = [];
+
+    // test that you can login as a user with a password starting with :
+    var doc = CouchDB.prepareUserDoc({
+      name: "foo@example.org"
+    }, ":bar");
+    T(usersDb.save(doc).ok);
+
+    T(CouchDB.session().userCtx.name == null);
+
+    // test that you can use basic auth aginst the users db
+    var s = CouchDB.session({
+      headers : {
+        //                 base64_encode("foo@example.org::bar")
+        "Authorization" : "Basic Zm9vQGV4YW1wbGUub3JnOjpiYXI="
+      }
+    });
+    T(s.userCtx.name == "foo@example.org");
+
   };
 
   usersDb.deleteDb();

http://git-wip-us.apache.org/repos/asf/couchdb/blob/a839f7e0/src/couchdb/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 9f6ed18..1bd3a0d 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -26,7 +26,7 @@ special_test_authentication_handler(Req) ->
     case header_value(Req, "WWW-Authenticate") of
     "X-Couch-Test-Auth " ++ NamePass ->
         % NamePass is a colon separated string: "joe schmoe:a password".
-        [Name, Pass] = re:split(NamePass, ":", [{return, list}]),
+        [Name, Pass] = re:split(NamePass, ":", [{return, list}, {parts, 2}]),
         case {Name, Pass} of
         {"Jan Lehnardt", "apple"} -> ok;
         {"Christopher Lenz", "dog food"} -> ok;
@@ -47,14 +47,13 @@ basic_name_pw(Req) ->
     AuthorizationHeader = header_value(Req, "Authorization"),
     case AuthorizationHeader of
     "Basic " ++ Base64Value ->
-        case string:tokens(?b2l(base64:decode(Base64Value)),":") of
+        case re:split(base64:decode(Base64Value), ":",
+                      [{return, list}, {parts, 2}]) of
         ["_", "_"] ->
             % special name and pass to be logged out
             nil;
         [User, Pass] ->
             {User, Pass};
-        [User | Pass] ->
-            {User, string:join(Pass, ":")};
         _ ->
             nil
         end;
@@ -161,9 +160,10 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
     undefined -> Req;
     [] -> Req;
     Cookie ->
-        [User, TimeStr | HashParts] = try
+        [User, TimeStr, HashStr] = try
             AuthSession = couch_util:decodeBase64Url(Cookie),
-            [_A, _B | _Cs] = string:tokens(?b2l(AuthSession), ":")
+            [_A, _B, _Cs] = re:split(?b2l(AuthSession), ":",
+                                     [{return, list}, {parts, 3}])
         catch
             _:_Error ->
                 Reason = <<"Malformed AuthSession cookie. Please clear your cookies.">>,
@@ -183,8 +183,9 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
                 UserSalt = couch_util:get_value(<<"salt">>, UserProps, <<"">>),
                 FullSecret = <<Secret/binary, UserSalt/binary>>,
                 ExpectedHash = crypto:sha_mac(FullSecret, User ++ ":" ++ TimeStr),
-                Hash = ?l2b(string:join(HashParts, ":")),
-                Timeout = to_int(couch_config:get("couch_httpd_auth", "timeout", 600)),
+                Hash = ?l2b(HashStr),
+                Timeout = list_to_integer(
+                    couch_config:get("couch_httpd_auth", "timeout", "600")),
                 ?LOG_DEBUG("timeout ~p", [Timeout]),
                 case (catch erlang:list_to_integer(TimeStr, 16)) of
                     TimeStamp when CurrentTime < TimeStamp + Timeout ->


Mime
View raw message