MichaelEischer
commented
1 year ago htpass.Validate caches successful authentications. That is, we need at least a second iteration to test that the caching works as expected (or rather that the password is still checked correctly). The additional iterations are just there make sure that continued password validations still behave as expected. Three iterations would probably be enough to achieve the same effect. But the test is fast enough anyways, so it doesn't hurt.
This is not a feature request/enhancement, but I did not find any other apropriate way to ask questions about the codebase (the forum seems to be targeted towards end-users):
I am debugging an issue with failing authentication and started looking at the code. While looking through the tests of
htpasswd.goby @MichaelEischer and @rawtaz I stumbled upon the for-loop inTestValidatewhose purpose is not clear to me. I have some guesses (ranging from forgotten debugging code to testing internal state ofhtpass) so it would be nice if the authors could shade some light on this. :bow: :slightly_smiling_face: Thanks!