- _ -> conn |> halt_or_continue(opts)
- end
- end
-
- # Short-circuit if we have a cookie with the id for the given user.
- defp verify(%{id: id} = user, _password, id) do
- {:ok, user}
- end
-
- defp verify(nil, _password, _user_id) do
- Pbkdf2.dummy_checkpw
- :error
- end
-
- defp verify(user, password, _user_id) do
- if Pbkdf2.checkpw(password, user.password_hash) do
- {:ok, user}
- else
- :error
- end
- end
-
- defp decode_header(conn) do
- with ["Basic " <> header] <- get_req_header(conn, "authorization"),
- {:ok, userinfo} <- Base.decode64(header),
- [username, password] <- String.split(userinfo, ":", parts: 2)
- do
- {:ok, username, password}