Stowage/rest-server
2
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-10-19 07:33:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

Extend htpasswd auth cache entry expiry on use

Browse source
This commit is contained in:
Michael Eischer 2021-01-04 19:16:27 +01:00 committed by Leo R. Lundgren
parent 1eeca53812
commit df9eb337d3
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
htpasswd.go
View file

@ -234,6 +234,14 @@ func (h *HtpasswdFile) Validate(user string, password string) bool {
} }
if cacheExists && subtle.ConstantTimeCompare(entry.verifier, hash.Sum(nil)) == 1 { if cacheExists && subtle.ConstantTimeCompare(entry.verifier, hash.Sum(nil)) == 1 {
h.mutex.Lock()
// repurpose mutex to prevent concurrent cache updates
// extend cache entry
cache[user] = cacheEntry{
verifier: entry.verifier,
expiry: time.Now().Add(PasswordCacheDuration),
}
h.mutex.Unlock()
return true return true
} }