From 7cc474935a0c86ec077efffe321cd80b586ced88 Mon Sep 17 00:00:00 2001
From: Magnus Ahltorp <map@kth.se>
Date: Fri, 27 Feb 2015 13:47:04 +0100
Subject: Do not try to verify authtoken if key is unknown

---
 src/http_auth.erl | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/http_auth.erl')

diff --git a/src/http_auth.erl b/src/http_auth.erl
index 3186751..6a076fa 100644
--- a/src/http_auth.erl
+++ b/src/http_auth.erl
@@ -118,6 +118,9 @@ verify_auth(AuthHeader, Method, Path, Data) ->
     AuthSuccess = case lookup_publickey(KeyName) of
                       nokey ->
                           false;
+                      failure ->
+                          lager:info("key name ~p could not be found", [KeyName]),
+                          false;
                       Key ->
                           verify(AuthToken, Key, Method, Path, Data)
                   end,
@@ -125,7 +128,7 @@ verify_auth(AuthHeader, Method, Path, Data) ->
         true ->
             check_acl(Method, KeyName, Path);
         _ ->
-            lager:info("authentication token ~p was not valid for key name ~p", [mochihex:to_hex(AuthToken), KeyName]),
+            lager:info("authentication token ~p was not valid for key name ~p: ~p ~p ~p", [mochihex:to_hex(AuthToken), KeyName, Method, Path, Data]),
             failure
     end.
 
-- 
cgit v1.1