revert http basic auth

it can't be fast and secure.
zapakh · Feb 7, 2018 · 618186c · 618186c
1 parent 89f8b47
commit 618186c
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 30 deletions.
diff --git a/modules/security/src/main/Env.scala b/modules/security/src/main/Env.scala
@@ -156,7 +156,7 @@ final class Env(
   scheduler.once(30 seconds)(tor.refresh(_ => funit))
   scheduler.effect(TorRefreshDelay, "Refresh Tor exit nodes")(tor.refresh(firewall.unblockIps))
 
-  lazy val api = new SecurityApi(storeColl, firewall, geoIP, authenticator, emailAddressValidator, asyncCache)
+  lazy val api = new SecurityApi(storeColl, firewall, geoIP, authenticator, emailAddressValidator)
 
   lazy val csrfRequestHandler = new CSRFRequestHandler(NetDomain)
 

diff --git a/modules/security/src/main/SecurityApi.scala b/modules/security/src/main/SecurityApi.scala
@@ -19,8 +19,7 @@ final class SecurityApi(
     firewall: Firewall,
     geoIP: GeoIP,
     authenticator: lila.user.Authenticator,
-    emailValidator: EmailAddressValidator,
-    asyncCache: lila.memo.AsyncCache.Builder
+    emailValidator: EmailAddressValidator
 ) {
 
   val AccessUri = "access_uri"
@@ -77,7 +76,7 @@ final class SecurityApi(
             }
           }
         }
-      } // orElse BasicAuth(req).map2 { (u: User) => FingerprintedUser(u, false) }
+      }
     }
 
   def locatedOpenSessions(userId: User.ID, nb: Int): Fu[List[LocatedSession]] =
@@ -95,29 +94,6 @@ final class SecurityApi(
 
   def reqSessionId(req: RequestHeader) = req.session get "sessionId"
 
-  private object BasicAuth {
-
-    private type Username = String
-
-    private val cache = asyncCache.multi[(Username, User.ClearPassword), Boolean](
-      name = "security.basic_auth",
-      f = {
-        case (username, password) => authenticator.authenticateByUsername(username, password).map(_.isDefined)
-      },
-      expireAfter = _.ExpireAfterWrite(2 minutes)
-    )
-
-    def apply(req: RequestHeader): Fu[Option[User]] = {
-      req.headers get "Authorization" flatMap lila.common.String.base64.decode map (_.split(":", 2))
-    } ?? {
-      case Array(username, password) =>
-        cache.get(username -> User.ClearPassword(password)) flatMap {
-          _ ?? UserRepo.named(username)
-        }
-      case _ => fuccess(none)
-    }
-  }
-
   def userIdsSharingIp = userIdsSharingField("ip") _
 
   def recentByIpExists(ip: IpAddress): Fu[Boolean] = Store recentByIpExists ip

diff --git a/modules/user/src/main/Authenticator.scala b/modules/user/src/main/Authenticator.scala
@@ -26,9 +26,6 @@ final class Authenticator(
   def authenticateById(id: User.ID, password: ClearPassword): Fu[Option[User]] =
     loginCandidateById(id) map { _ flatMap { _(password) } }
 
-  def authenticateByUsername(username: String, password: ClearPassword): Fu[Option[User]] =
-    authenticateById(User normalize username, password)
-
   def authenticateByEmail(email: EmailAddress, password: ClearPassword): Fu[Option[User]] =
     loginCandidateByEmail(email) map { _ flatMap { _(password) } }