update code review comments

2024-10-22 02:03:24 +00:00 · 2016-07-29 09:55:13 -07:00 · 2016-07-29 09:55:13 -07:00 · a4dcebf127
parent 6bb48bb850
commit a4dcebf127
1 changed files with 4 additions and 1 deletions
--- a/lib/auth/apiserver.go
+++ b/lib/auth/apiserver.go
@ -470,7 +470,10 @@ func (s *APIServer) generateUserCert(w http.ResponseWriter, r *http.Request, _ h
 	// This allows us to make sure that users can only request new certificates
 	// only for themselves, except admin users
 	caller, _, ok := r.BasicAuth()
-	if !ok || (req.User != caller && s.a.role != teleport.RoleAdmin) {
+	if !ok {
+		return nil, trace.AccessDenied("Missing username or password")
+	}
+	if req.User != caller && s.a.role != teleport.RoleAdmin {
 		return nil, trace.AccessDenied("User %s cannot request a certificate for %s",
 			caller, req.User)
 	}