jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

auth: add logs when auth fails or succeeds

Browse Source
This commit is contained in:
Girish Ramakrishnan
2025-07-11 17:59:00 +02:00
parent a470b2cd4e
commit 22e23e1e65
8 changed files with 70 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/users.js
+1 -1
View File
@@ -196,7 +196,7 @@ async function verifyPassword(req, res, next) {
if (typeof req.body.password !== 'string') return next(new HttpError(400, 'API call requires user password'));
const [error] = await safe(users.verify(req.user.id, req.body.password, users.AP_WEBADMIN, { skipTotpCheck: true }));
const [error] = await safe(users.verifyWithId(req.user.id, req.body.password, users.AP_WEBADMIN, { skipTotpCheck: true }));
if (error) return next(BoxError.toHttpError(error));
req.body.password = '<redacted>'; // this will prevent logs from displaying plain text password