From ee0fe6e2215702d736752130bf488c5de376bbb2 Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Sat, 7 Feb 2015 21:01:05 +0100
Subject: [PATCH] Checking for short APIKeys and rejecting

---
 .gitignore | 1 +
 main.go    | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/.gitignore b/.gitignore
index 4fd0696..9b10a1b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 gin-bin
+mondash
diff --git a/main.go b/main.go
index 3add166..dbed29b 100644
--- a/main.go
+++ b/main.go
@@ -101,6 +101,10 @@ func main() {
 
 		dash, err := LoadDashboard(params["dashid"])
 		if err != nil {
+			if len(req.Header.Get("Authorization")) < 10 {
+				http.Error(res, "APIKey is too insecure", http.StatusUnauthorized)
+				return
+			}
 			dash = &Dashboard{APIKey: req.Header.Get("Authorization"), Metrics: DashboardMetrics{}, DashboardID: params["dashid"]}
 		}