class WEBrick::HTTPAuth::BasicAuth

def authenticate(req, res)
  unless basic_credentials = check_scheme(req)
    challenge(req, res)
  end
  userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
  password ||= ""
  if userid.empty?
    error("user id was not given.")
    challenge(req, res)
  end
  unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
    error("%s: the user is not allowed.", userid)
    challenge(req, res)
  end
  case encpass
  when /\A\$2[aby]\$/
    password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password
  else
    password_matches = password.crypt(encpass) == encpass
  end
  unless password_matches
    error("%s: password unmatch.", userid)
    challenge(req, res)
  end
  info("%s: authentication succeeded.", userid)
  req.user = userid
end