YunoHost/moulinette
1
0
Fork 0
mirror of https://github.com/YunoHost/moulinette.git synced 2024-09-03 20:06:31 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #62 from jeromelebleu/dev

Browse source 
Fix empty password breach
This commit is contained in:
Jérôme Lebleu 2013-12-28 09:18:35 -08:00
commit 65270dba7b
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
yunohost.tac
View file

@ -42,8 +42,10 @@ def http_exec(request, **kwargs):
# Simple HTTP auth # Simple HTTP auth
elif installed: elif installed:
authorized = request.getUser() == 'admin' authorized = False
pwd = request.getPassword() pwd = request.getPassword()
if request.getUser() == 'admin' and pwd != '':
authorized = True
if dev and 'api_key' in request.args: if dev and 'api_key' in request.args:
pwd = request.args['api_key'][0] pwd = request.args['api_key'][0]
authorized = True authorized = True