couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject [3/5] git commit: updated refs/heads/1.2.x to 7cdedb0
Date Tue, 23 Apr 2013 13:43:08 GMT
Make cardinality of result explicit, remove join hacks


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/7cdedb02
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/7cdedb02
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/7cdedb02

Branch: refs/heads/1.2.x
Commit: 7cdedb0282bcf274b80d4e552705756b925b8841
Parents: 30b48e6
Author: Robert Newson <rnewson@apache.org>
Authored: Mon Nov 19 10:55:57 2012 +0000
Committer: Robert Newson <rnewson@apache.org>
Committed: Tue Apr 23 14:31:49 2013 +0100

----------------------------------------------------------------------
 share/www/script/test/users_db.js |   18 ++++++++++++++++++
 src/couchdb/couch_httpd_auth.erl  |   14 +++++++-------
 2 files changed, 25 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/7cdedb02/share/www/script/test/users_db.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/users_db.js b/share/www/script/test/users_db.js
index 7648523..f52f022 100644
--- a/share/www/script/test/users_db.js
+++ b/share/www/script/test/users_db.js
@@ -122,6 +122,24 @@ couchTests.users_db = function(debug) {
     } catch(e) {
       TEquals("Character `:` is not allowed in usernames.", e.reason);
     }
+
+    // test that you can login as a user with a password starting with :
+    var doc = CouchDB.prepareUserDoc({
+      name: "foo@example.org"
+    }, ":bar");
+    T(usersDb.save(doc).ok);
+
+    T(CouchDB.session().userCtx.name == null);
+
+    // test that you can use basic auth aginst the users db
+    var s = CouchDB.session({
+      headers : {
+        //                 base64_encode("foo@example.org::bar")
+        "Authorization" : "Basic Zm9vQGV4YW1wbGUub3JnOjpiYXI="
+      }
+    });
+    T(s.userCtx.name == "foo@example.org");
+
   };
 
   usersDb.deleteDb();

http://git-wip-us.apache.org/repos/asf/couchdb/blob/7cdedb02/src/couchdb/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index a3ee4f4..508ec7f 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -26,7 +26,7 @@ special_test_authentication_handler(Req) ->
     case header_value(Req, "WWW-Authenticate") of
     "X-Couch-Test-Auth " ++ NamePass ->
         % NamePass is a colon separated string: "joe schmoe:a password".
-        [Name, Pass] = re:split(NamePass, ":", [{return, list}]),
+        [Name, Pass] = re:split(NamePass, ":", [{return, list}, {parts, 2}]),
         case {Name, Pass} of
         {"Jan Lehnardt", "apple"} -> ok;
         {"Christopher Lenz", "dog food"} -> ok;
@@ -47,14 +47,13 @@ basic_name_pw(Req) ->
     AuthorizationHeader = header_value(Req, "Authorization"),
     case AuthorizationHeader of
     "Basic " ++ Base64Value ->
-        case string:tokens(?b2l(base64:decode(Base64Value)),":") of
+        case re:split(base64:decode(Base64Value), ":",
+                      [{return, list}, {parts, 2}]) of
         ["_", "_"] ->
             % special name and pass to be logged out
             nil;
         [User, Pass] ->
             {User, Pass};
-        [User | Pass] ->
-            {User, string:join(Pass, ":")};
         _ ->
             nil
         end;
@@ -161,9 +160,10 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
     undefined -> Req;
     [] -> Req;
     Cookie ->
-        [User, TimeStr | HashParts] = try
+        [User, TimeStr, HashStr] = try
             AuthSession = couch_util:decodeBase64Url(Cookie),
-            [_A, _B | _Cs] = string:tokens(?b2l(AuthSession), ":")
+            [_A, _B, _Cs] = re:split(?b2l(AuthSession), ":",
+                                     [{return, list}, {parts, 3}])
         catch
             _:_Error ->
                 Reason = <<"Malformed AuthSession cookie. Please clear your cookies.">>,
@@ -183,7 +183,7 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
                 UserSalt = couch_util:get_value(<<"salt">>, UserProps, <<"">>),
                 FullSecret = <<Secret/binary, UserSalt/binary>>,
                 ExpectedHash = crypto:sha_mac(FullSecret, User ++ ":" ++ TimeStr),
-                Hash = ?l2b(string:join(HashParts, ":")),
+                Hash = ?l2b(HashStr),
                 Timeout = list_to_integer(
                     couch_config:get("couch_httpd_auth", "timeout", "600")),
                 ?LOG_DEBUG("timeout ~p", [Timeout]),


Mime
View raw message