diff options
| author | Ryan Mehri <[email protected]> | 2020-05-11 20:41:16 -0600 |
|---|---|---|
| committer | Ryan Mehri <[email protected]> | 2020-05-11 20:41:16 -0600 |
| commit | d892cad72c1eb4ae20c1b7f1c5b9451650454c28 (patch) | |
| tree | 4563ceb597cda8339a6f49b4a3ff05c53fc67017 /backend/api/routes.go | |
| parent | Merge pull request #15 from jackyzha0/readme (diff) | |
| download | ctrl-v-d892cad72c1eb4ae20c1b7f1c5b9451650454c28.tar.xz ctrl-v-d892cad72c1eb4ae20c1b7f1c5b9451650454c28.zip | |
Add password check on post hash
Diffstat (limited to 'backend/api/routes.go')
| -rw-r--r-- | backend/api/routes.go | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/backend/api/routes.go b/backend/api/routes.go index 7fb2114..6b9ba43 100644 --- a/backend/api/routes.go +++ b/backend/api/routes.go @@ -52,12 +52,25 @@ func insertFunc(w http.ResponseWriter, r *http.Request) { } func getHashFunc(w http.ResponseWriter, r *http.Request) { + // no password given for get + handleGetHash(w, r, "") +} + +func getHashWithPasswordFunc(w http.ResponseWriter, r *http.Request) { + // get password from form + _ = r.ParseMultipartForm(0) + gotPassword := r.FormValue("password") + + handleGetHash(w, r, gotPassword) + +} +func handleGetHash(w http.ResponseWriter, r *http.Request, gotPassword string) { // Allow CORS w.Header().Set("Access-Control-Allow-Origin", "*") hash := mux.Vars(r)["hash"] - paste, err := cache.C.Get(hash) + paste, err := cache.C.Get(hash, gotPassword) // if hash was not found if err == cache.PasteNotFound { |