YunoHost/dynette
1
0
Fork 0
mirror of https://github.com/YunoHost/dynette.git synced 2024-09-03 20:06:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Misc clarification

Browse source
This commit is contained in:
Alexandre Aubin 2023-04-11 18:58:24 +02:00
parent 8ce490a8e7
commit 653289c446
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
app.py
View file

@ -151,7 +151,7 @@ def delete_using_recovery_password_or_key(subdomain):
with open(f"{app.config['DB_FOLDER']}/{subdomain}.key") as f: with open(f"{app.config['DB_FOLDER']}/{subdomain}.key") as f:
if not hmac.compare_digest(key, f.read()): if not hmac.compare_digest(key, f.read()):
return '"Access denied"', 403 return '"Access denied"', 403
if recovery_password: elif recovery_password:
if not os.path.exists( if not os.path.exists(
f"{app.config['DB_FOLDER']}/{subdomain}.recovery_password" f"{app.config['DB_FOLDER']}/{subdomain}.recovery_password"
): ):
@ -161,6 +161,9 @@ def delete_using_recovery_password_or_key(subdomain):
if not bcrypt.checkpw(recovery_password.encode(), hashed): if not bcrypt.checkpw(recovery_password.encode(), hashed):
return '"Access denied"', 403 return '"Access denied"', 403
# Shouldnt happen, this is checked before
else:
return '"Access denied"', 403
if os.path.exists(f"{app.config['DB_FOLDER']}/{subdomain}.key"): if os.path.exists(f"{app.config['DB_FOLDER']}/{subdomain}.key"):
os.remove(f"{app.config['DB_FOLDER']}/{subdomain}.key") os.remove(f"{app.config['DB_FOLDER']}/{subdomain}.key")