From 22c7c7403b75fa79a38578972c0f097edf84cc43 Mon Sep 17 00:00:00 2001
From: John <john@johng.cn>
Date: Wed, 27 Mar 2019 09:16:23 +0800
Subject: [PATCH] fix issue in basic http auth check for server side

---
 g/net/ghttp/ghttp_request_auth.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/g/net/ghttp/ghttp_request_auth.go b/g/net/ghttp/ghttp_request_auth.go
index 21b740f2d..d18a79fe9 100644
--- a/g/net/ghttp/ghttp_request_auth.go
+++ b/g/net/ghttp/ghttp_request_auth.go
@@ -26,21 +26,21 @@ func (r *Request) setBasicAuth(tips...string) {
 }
 
 // 设置HTTP基础账号密码认证，如果用户没有提交账号密码，那么提示用户输出信息。
-// 验证成功之后返回true，否则返回false
+// 验证成功之后返回true，否则返回false。
 func (r *Request) BasicAuth(user, pass string, tips...string) bool {
     auth := r.Header.Get("Authorization")
     if auth == "" {
         r.setBasicAuth(tips...)
         return false
     }
-    auths := strings.SplitN(auth, " ", 2)
-    if len(auths) != 2 {
+    authArray := strings.SplitN(auth, " ", 2)
+    if len(authArray) != 2 {
         r.Response.WriteStatus(http.StatusForbidden)
         return false
     }
-    switch auths[0] {
+    switch authArray[0] {
         case "Basic":
-            authStr, err := gbase64.Decode(auths[1])
+            authStr, err := gbase64.Decode(authArray[1])
             if err != nil {
                 r.Response.WriteStatus(http.StatusForbidden, err.Error())
                 return false
@@ -54,11 +54,12 @@ func (r *Request) BasicAuth(user, pass string, tips...string) bool {
                 r.setBasicAuth(tips...)
                 return false
             }
+            return true
 
         default:
             r.Response.WriteStatus(http.StatusForbidden)
             return false
     }
-    return true
+    return false
 }