diff --git a/src/lavinmq/auth/auth_handler.cr b/src/lavinmq/auth/auth_handler.cr index 58fa5c43a2..6cf82f2e3d 100644 --- a/src/lavinmq/auth/auth_handler.cr +++ b/src/lavinmq/auth/auth_handler.cr @@ -1,6 +1,5 @@ module LavinMQ abstract class AuthHandler - @successor : AuthHandler? def initialize(successor : AuthHandler? = nil) diff --git a/src/lavinmq/auth/basic_auth.cr b/src/lavinmq/auth/basic_auth.cr index d1f7b9306f..f5d193c997 100644 --- a/src/lavinmq/auth/basic_auth.cr +++ b/src/lavinmq/auth/basic_auth.cr @@ -3,20 +3,19 @@ require "../server" module LavinMQ class BasicAuthHandler < LavinMQ::AuthHandler - def authenticate(username : String, password : String, users : UserStore, remote_address : Socket::Address) user = users[username] # TODO: do not do authentication check if the user is not in the userstore, instead pass directly to the next handler return user if user && user.password && user.password.not_nil!.verify(password) && - guest_only_loopback?(remote_address, user) + guest_only_loopback?(remote_address, user) puts "Basic authentication failed" @successor ? @successor.try &.authenticate(username, password) : nil end private def guest_only_loopback?(remote_address, user) : Bool - return true unless user.name == "guest" - return true unless Config.instance.guest_only_loopback? - remote_address.loopback? + return true unless user.name == "guest" + return true unless Config.instance.guest_only_loopback? + remote_address.loopback? end end end diff --git a/src/lavinmq/auth/oauth2.cr b/src/lavinmq/auth/oauth2.cr index 09d486052f..85da614710 100644 --- a/src/lavinmq/auth/oauth2.cr +++ b/src/lavinmq/auth/oauth2.cr @@ -1,7 +1,6 @@ module LavinMQ class OAuth2Handler < LavinMQ::AuthHandler def authenticate(username : String, password : String) - # TODO: implement the OAuth2 authentication logic and permissions parser here if password.starts_with?("oauth") puts "OAuth2 authentication successful"