Duplicate logic to htpasswd_backed_basic_auth()

1 files changed, 16 insertions, 4 deletions

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 9bfcb68..961e2e8 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -115,10 +115,22 @@ function htpasswd_backed_basic_auth() {
                 if (!isset($HTTP_SERVER_VARS['AUTH_USER']))
                         continue;
 
-                /* Check to see if user even exists */
-                $username = $HTTP_SERVER_VARS['AUTH_USER'];
-                if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile))))
-                        continue;
+		/*
+		 *    auth the username
+                 *    honour custom username set in webConfigurator page */
+		 */ 
+		if($config['system']['username'] == $HTTP_SERVER_VARS['AUTH_USER']) {
+			/* we match, check the password in xml configuration file */
+			$username = "root";
+		} else {
+			/*   finally, if we're here then we didn't match the username in
+			 *   the webConfigurator.  Check the password file.
+                         */
+			/* Check to see if user even exists */
+			$username = $HTTP_SERVER_VARS['AUTH_USER'];
+			if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile))))
+				continue;
+		}
 
                 /* Get crypted password */
                 preg_match("/^$username:((\\$1\\$[.\d\w_\/]{8}\\$)[.\d\w_\/]{22})$/", $line, $matches);