Authorization

flavio ishii flavio.ishii at gmail.com
Mon Nov 2 16:54:06 EST 2009


Hi. I'm testing the basic authentication for a jiak resource. I have  
the following code but it seems that the requests go through even if  
my login values are invalid.

-define(AUTH_HEAD, "Basic realm=webmachine").

auth_ok(_Key, ReqData, Context) ->
     case wrq:method(ReqData) of
         _ -> case get_un_pwd(ReqData) of
                 ["somename","mypwd"] -> {true, ReqData, Context};
                 _ -> {?AUTH_HEAD, ReqData, Context}
         end
     end.

get_un_pwd(ReqData) ->
         case wrq:get_req_header("authorization", ReqData) of
         "Basic "++Base64 ->
             Str = base64:mime_decode_to_string(Base64),
             string:tokens(Str, ":");
         _ ->
             {?AUTH_HEAD, ReqData, Context}
     end.

Any guidance is appreciated.




More information about the riak-users mailing list