33: def authenticate(req, res)
34: unless basic_credentials = check_scheme(req)
35: challenge(req, res)
36: end
37: userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
38: password ||= ""
39: if userid.empty?
40: error("user id was not given.")
41: challenge(req, res)
42: end
43: unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
44: error("%s: the user is not allowed.", userid)
45: challenge(req, res)
46: end
47: if password.crypt(encpass) != encpass
48: error("%s: password unmatch.", userid)
49: challenge(req, res)
50: end
51: info("%s: authentication succeeded.", userid)
52: req.user = userid
53: end