mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-20 15:36:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 27

Fixed password with only numbers being rejected.

Browse source
This commit is contained in:
SamTV12345 2023-07-02 17:48:16 +02:00
parent 8e690aa342
commit 6ee4d3daaa
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/node/hooks/express/webaccess.js
View file

@ -149,7 +149,10 @@ const checkAccess = async (req, res, next) => {
if (!(await aCallFirst0('authenticate', ctx))) { if (!(await aCallFirst0('authenticate', ctx))) {
// Fall back to HTTP basic auth. // Fall back to HTTP basic auth.
const {[ctx.username]: {password} = {}} = settings.users; const {[ctx.username]: {password} = {}} = settings.users;
if (!httpBasicAuth || !ctx.username || password == null || password !== ctx.password) {
if (!httpBasicAuth ||
!ctx.username ||
password == null || password.toString() !== ctx.password) {
httpLogger.info(`Failed authentication from IP ${req.ip}`); httpLogger.info(`Failed authentication from IP ${req.ip}`);
if (await aCallFirst0('authnFailure', {req, res})) return; if (await aCallFirst0('authnFailure', {req, res})) return;
if (await aCallFirst0('authFailure', {req, res, next})) return; if (await aCallFirst0('authFailure', {req, res, next})) return;