mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-19 16:56:39 +00:00
34 lines
694 B
Go
34 lines
694 B
Go
package methods
|
|
|
|
import (
|
|
"crypto/subtle"
|
|
"net/http"
|
|
)
|
|
|
|
const (
|
|
// DefaultPINHeader is the default header name for PIN authentication
|
|
DefaultPINHeader = "X-PIN"
|
|
)
|
|
|
|
// PINConfig holds PIN authentication settings
|
|
type PINConfig struct {
|
|
PIN string
|
|
Header string // Header name (default: "X-PIN")
|
|
}
|
|
|
|
// Validate checks PIN from the request header
|
|
func (c *PINConfig) Validate(r *http.Request) bool {
|
|
header := c.Header
|
|
if header == "" {
|
|
header = DefaultPINHeader
|
|
}
|
|
|
|
providedPIN := r.Header.Get(header)
|
|
if providedPIN == "" {
|
|
return false
|
|
}
|
|
|
|
// Use constant-time comparison to prevent timing attacks
|
|
return subtle.ConstantTimeCompare([]byte(providedPIN), []byte(c.PIN)) == 1
|
|
}
|