From 7bc6c728446b6b0bbb45d72676dce0ad4b3d9f55 Mon Sep 17 00:00:00 2001 From: fatedier Date: Wed, 31 May 2017 01:07:51 +0800 Subject: [PATCH] dashboard: fix dashboard auth error, fix #339 --- models/plugin/http_proxy.go | 1 + server/dashboard.go | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/models/plugin/http_proxy.go b/models/plugin/http_proxy.go index 1e03f215..9c51e6f5 100644 --- a/models/plugin/http_proxy.go +++ b/models/plugin/http_proxy.go @@ -66,6 +66,7 @@ func (l *Listener) Close() error { defer l.mu.Unlock() if !l.closed { close(l.conns) + l.closed = true } return nil } diff --git a/server/dashboard.go b/server/dashboard.go index 0e541f74..bbbeef91 100644 --- a/server/dashboard.go +++ b/server/dashboard.go @@ -84,7 +84,7 @@ type AuthWraper struct { func (aw *AuthWraper) ServeHTTP(w http.ResponseWriter, r *http.Request) { user, passwd, hasAuth := r.BasicAuth() - if (aw.user == "" && aw.passwd == "") || (hasAuth && user == aw.user || passwd == aw.passwd) { + if (aw.user == "" && aw.passwd == "") || (hasAuth && user == aw.user && passwd == aw.passwd) { aw.h.ServeHTTP(w, r) } else { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) @@ -104,7 +104,7 @@ func basicAuth(h http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { user, passwd, hasAuth := r.BasicAuth() if (config.ServerCommonCfg.DashboardUser == "" && config.ServerCommonCfg.DashboardPwd == "") || - (hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd) { + (hasAuth && user == config.ServerCommonCfg.DashboardUser && passwd == config.ServerCommonCfg.DashboardPwd) { h.ServeHTTP(w, r) } else { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) @@ -117,7 +117,7 @@ func httprouterBasicAuth(h httprouter.Handle) httprouter.Handle { return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { user, passwd, hasAuth := r.BasicAuth() if (config.ServerCommonCfg.DashboardUser == "" && config.ServerCommonCfg.DashboardPwd == "") || - (hasAuth && user == config.ServerCommonCfg.DashboardUser || passwd == config.ServerCommonCfg.DashboardPwd) { + (hasAuth && user == config.ServerCommonCfg.DashboardUser && passwd == config.ServerCommonCfg.DashboardPwd) { h(w, r, ps) } else { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)