1 files changed, 16 insertions, 6 deletions

diff --git a/web/config.go b/web/config.go
index 2479e38..acdc4bf 100644
--- a/web/config.go
+++ b/web/config.go
@@ -1,6 +1,7 @@
 package web
 
 import (
+        "crypto/subtle"
         "encoding/json"
         "io/ioutil"
         "strings"
@@ -10,12 +11,13 @@ import (
 )
 
 type ServerConfig struct {
-        BindConfig     *bind.BINDConfig
-        DNSClient      *dns.DNSClient
-        AcmeView       string
-        DynamicDnsView string
-        DDNSSecrets    map[string]string         `json:"DDNS"`
-        AcmeSecrets    map[string]map[string]int `json:"ACME"`
+        BindConfig       *bind.BINDConfig
+        DNSClient        *dns.DNSClient
+        AcmeView         string
+        DynamicDnsView   string
+        DDNSSecrets      map[string]string         `json:"DDNS"`
+        AcmeSecrets      map[string]map[string]int `json:"ACME"`
+        DNSManageSecrets map[string]string         `json:"DNS_MANAGE"`
 }
 
 func LoadServerConfig(zonesFile, secretsFile, server, view string) (*ServerConfig, error) {
@@ -53,6 +55,14 @@ func (s *ServerConfig) AcmeSecretExists(k string) bool {
         return ok
 }
 
+func (s *ServerConfig) DNSUserAuth(u, p string) bool {
+        cp, ok := s.DNSManageSecrets[u]
+        if !ok {
+                return false
+        }
+        return subtle.ConstantTimeCompare([]byte(p), []byte(cp)) == 1
+}
+
 func (s *ServerConfig) IsAcmeClientAllowed(key, zone string) bool {
         u, ok := s.AcmeSecrets[key]
         if !ok {