From 2f9a11c308587d09ef9f40e68dc45cf7646a40a4 Mon Sep 17 00:00:00 2001
From: Philip O'Toole <philip.otoole@yahoo.com>
Date: Mon, 5 Dec 2022 08:41:54 -0500
Subject: [PATCH] Make sure username-passwords don't mix

---
 auth/credential_store_test.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/auth/credential_store_test.go b/auth/credential_store_test.go
index 1908db03..d2c9c684 100644
--- a/auth/credential_store_test.go
+++ b/auth/credential_store_test.go
@@ -309,6 +309,16 @@ func Test_AuthLoadHashedSingleRequest(t *testing.T) {
 		password: "wrong",
 		ok:       true,
 	}
+	b5 := &testBasicAuther{
+		username: "username1",
+		password: "password2",
+		ok:       true,
+	}
+	b6 := &testBasicAuther{
+		username: "username2",
+		password: "password1",
+		ok:       true,
+	}
 
 	if check := store.CheckRequest(b1); !check {
 		t.Fatalf("username1 (b1) credential not checked correctly via request")
@@ -322,6 +332,12 @@ func Test_AuthLoadHashedSingleRequest(t *testing.T) {
 	if check := store.CheckRequest(b4); check {
 		t.Fatalf("username2 (b4) credential not checked correctly via request")
 	}
+	if check := store.CheckRequest(b5); check {
+		t.Fatalf("username2 (b5) credential not checked correctly via request")
+	}
+	if check := store.CheckRequest(b6); check {
+		t.Fatalf("username2 (b5) credential not checked correctly via request")
+	}
 }
 
 func Test_AuthPermsRequestLoadSingle(t *testing.T) {