/usr/lib/ruby/vendor_ruby/chef_zero/endpoints/organization_authenticate_user_endpoint.rb is in chef-zero 4.5.0-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | require 'ffi_yajl'
require 'chef_zero/rest_base'
module ChefZero
module Endpoints
# /organizations/NAME/authenticate_user
class OrganizationAuthenticateUserEndpoint < RestBase
def post(request)
request_json = FFI_Yajl::Parser.parse(request.body, :create_additions => false)
name = request_json['name']
password = request_json['password']
begin
user = data_store.get(request.rest_path[0..-2] + ['users', name])
user = FFI_Yajl::Parser.parse(user, :create_additions => false)
verified = user['password'] == password
rescue DataStore::DataNotFoundError
verified = false
end
json_response(200, {
'name' => name,
'verified' => !!verified
})
end
end
end
end
|