summaryrefslogtreecommitdiff
path: root/src/couchdb/couch_server.erl
diff options
context:
space:
mode:
authorDamien F. Katz <damien@apache.org>2008-10-22 03:08:53 +0000
committerDamien F. Katz <damien@apache.org>2008-10-22 03:08:53 +0000
commit50decd4044bb8fcfd22c485e064a11d63fa15a2d (patch)
tree87c984effe7f270ad341bc66a565d5364a5cd505 /src/couchdb/couch_server.erl
parent561b9852b792bae344ad87b02b14f8e3f712a13e (diff)
First check-in of admin http authentication and authorization.
git-svn-id: https://svn.apache.org/repos/asf/incubator/couchdb/trunk@706848 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'src/couchdb/couch_server.erl')
-rw-r--r--src/couchdb/couch_server.erl29
1 files changed, 28 insertions, 1 deletions
diff --git a/src/couchdb/couch_server.erl b/src/couchdb/couch_server.erl
index 95d51fc7..8363d4a1 100644
--- a/src/couchdb/couch_server.erl
+++ b/src/couchdb/couch_server.erl
@@ -18,7 +18,7 @@
-export([open/2,create/2,delete/1,all_databases/0,get_version/0]).
-export([init/1, handle_call/3,sup_start_link/0]).
-export([handle_cast/2,code_change/3,handle_info/2,terminate/2]).
--export([dev_start/0,remote_restart/0]).
+-export([dev_start/0,remote_restart/0,is_admin/2,has_admins/0]).
-include("couch_db.hrl").
@@ -85,9 +85,31 @@ check_dbname(#server{dbname_regexp=RegExp}, DbName) ->
ok
end.
+is_admin(User, ClearPwd) ->
+ case couch_config:get("admins", User) of
+ "-hashed-" ++ HashedPwdAndSalt ->
+ [HashedPwd, Salt] = string:tokens(HashedPwdAndSalt, ","),
+ couch_util:to_hex(crypto:sha(ClearPwd ++ Salt)) == HashedPwd;
+ _Else ->
+ false
+ end.
+
+has_admins() ->
+ couch_config:get("admins") /= [].
+
get_full_filename(Server, DbName) ->
filename:join([Server#server.root_dir, "./" ++ DbName ++ ".couch"]).
+hash_admin_passwords() ->
+ lists:foreach(
+ fun({_User, "-hashed-" ++ _}) ->
+ ok; % already hashed
+ ({User, ClearPassword}) ->
+ Salt = ?b2l(couch_util:new_uuid()),
+ Hashed = couch_util:to_hex(crypto:sha(ClearPassword ++ Salt)),
+ couch_config:set("admins", User, "-hashed-" ++ Hashed ++ "," ++ Salt)
+ end, couch_config:get("admins")).
+
init([]) ->
% read config and register for configuration changes
@@ -103,6 +125,11 @@ init([]) ->
("couchdb", "server_options") ->
exit(Self, config_change)
end),
+ ok = couch_config:register(
+ fun("admins", _) ->
+ hash_admin_passwords()
+ end),
+ hash_admin_passwords(),
{ok, RegExp} = regexp:parse("^[a-z][a-z0-9\\_\\$()\\+\\-\\/]*$"),
ets:new(couch_dbs_by_name, [set, private, named_table]),
ets:new(couch_dbs_by_pid, [set, private, named_table]),
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-01 17:23:23 +0000