/usr/lib/ruby/vendor_ruby/chef_zero/endpoints/authenticate_user_endpoint.rb is in chef-zero 2.0.1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | require 'json'
require 'chef_zero/rest_base'
module ChefZero
module Endpoints
# /authenticate_user
class AuthenticateUserEndpoint < RestBase
def post(request)
request_json = JSON.parse(request.body, :create_additions => false)
name = request_json['name']
password = request_json['password']
begin
user = data_store.get(['users', name])
verified = JSON.parse(user, :create_additions => false)['password'] == password
rescue DataStore::DataNotFoundError
verified = false
end
json_response(200, {
'name' => name,
'verified' => !!verified
})
end
end
end
end
|