mirror of
https://github.com/YunoHost/SSOwat.git
synced 2024-09-03 20:06:27 +02:00
Fix auth_header
If a colon is in the password, user and password are not well detected. For example if user="me" and password="pass:word" the function give user="me:pass" password="word"
This commit is contained in:
parent
46b58d3695
commit
ba5ffba490
1 changed files with 1 additions and 1 deletions
|
@ -276,7 +276,7 @@ function validate_or_clear_basic_auth_header_provided_by_client()
|
|||
|
||||
-- Try to authenticate the user,
|
||||
-- or remove the Auth header if not valid
|
||||
_, _, user, password = string.find(ngx.decode_base64(b64_cred), "^(.+):(.+)$")
|
||||
_, _, user, password = string.find(ngx.decode_base64(b64_cred), "^([^:]+):(.+)$")
|
||||
user = authenticate(user, password)
|
||||
if user then
|
||||
logger.debug("User got authenticated through basic auth")
|
||||
|
|
Loading…
Reference in a new issue