jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

profile: unify password verification check

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-01-22 13:53:40 +01:00
parent 3220721f84
commit d7dda61775
4 changed files with 7 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/routes/accesscontrol.js
View File

@@ -27,7 +27,7 @@ async function passwordAuth(req, res, next) {
const verifyFunc = username.indexOf('@') === -1 ? users.verifyWithUsername : users.verifyWithEmail;
let [error, user] = await safe(verifyFunc(username, password, users.AP_WEBADMIN, { totpToken }));
let [error, user] = await safe(verifyFunc(username, password, users.AP_WEBADMIN, { totpToken, skipTotpCheck: false }));
if (error && error.reason === BoxError.INVALID_CREDENTIALS) return next(new HttpError(401, error.message));
if (error && error.reason === BoxError.NOT_FOUND) return next(new HttpError(401, 'Unauthorized'));
if (error) return next(new HttpError(500, error));