jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

passkey: disallow in demo mode

Browse Source
This commit is contained in:
Girish Ramakrishnan
2026-03-18 12:28:57 +05:30
parent 7829f94ac4
commit f62df52c1d
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/profile.js
+3
View File
@@ -1,6 +1,7 @@
import assert from 'node:assert';
import AuditSource from '../auditsource.js';
import BoxError from '../boxerror.js';
import constants from '../constants.js';
import { HttpError } from '@cloudron/connect-lastmile';
import { HttpSuccess } from '@cloudron/connect-lastmile';
import oidcServer from '../oidcserver.js';
@@ -248,6 +249,8 @@ async function registerPasskey(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
assert.strictEqual(typeof req.body, 'object');
if (constants.DEMO && req.user.username === constants.DEMO_USERNAME) return next(new HttpError(412, 'Not allowed in demo mode'));
if (!req.body.credential || typeof req.body.credential !== 'object') return next(new HttpError(400, 'credential must be an object'));
if (req.body.name && typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be a string'));