supported Authorization header

2025-12-13 01:30:31 +08:00 · 2020-08-30 21:12:13 +03:00 · 2020-08-30 21:12:13 +03:00 · 02e207347b
commit 02e207347b
parent 2175338470
1 changed files with 14 additions and 0 deletions
--- a/kvmd/apps/kvmd/api/auth.py
+++ b/kvmd/apps/kvmd/api/auth.py
@ -20,6 +20,8 @@
 # ========================================================================== #


+import base64
+
 from aiohttp.web import Request
 from aiohttp.web import Response

@ -59,6 +61,18 @@ async def check_request_auth(auth_manager: AuthManager, exposed: HttpExposed, re
            set_request_auth_info(request, f"{user} (token)")
            return

+        elif (basic_auth := request.headers.get("Authorization", "")):
+            if basic_auth[:6].lower() == "basic ":
+                try:
+                    (user, passwd) = base64.b64decode(basic_auth[6:]).decode("utf-8").split(":")
+                except Exception:
+                    raise UnauthorizedError()
+                user = valid_user(user)
+                set_request_auth_info(request, f"{user} (basic)")
+                if not (await auth_manager.authorize(user, valid_passwd(passwd))):
+                    raise ForbiddenError()
+                return
+
        raise UnauthorizedError()