NussNougate/crafty-4
2
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2025-01-18 17:15:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add default path password check

Browse Source 
Change decode to utf-8
This commit is contained in:
Andrew 2024-02-17 23:08:23 -05:00
parent d673908ce4
commit f6bb6eafcd
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/classes/web/public_handler.py
View File

@ -116,7 +116,8 @@ class PublicHandler(BaseHandler):
entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member
try:
entered_password = base64.b64decode(self.get_argument("encPassword"))
entered_password = base64.b64decode(
self.get_argument("encPassword")).decode("utf-8")
except binascii.Error:
error_msg = ("Hello? Hello? Anybody home?"
" Go straight to jail. Do not pass go.")
@ -220,7 +221,18 @@ class PublicHandler(BaseHandler):
# self.clear_cookie("user")
# self.clear_cookie("user_data")
self.clear_cookie("token")
error_msg = "Incorrect username or password. Please try again."
error_msg = (
self.helper.translation.translate("login",
"incorrect",
self.helper.get_setting("language"))
)
if entered_password == "app/config/default-creds.txt":
error_msg += ". "
error_msg += (
self.helper.translation.translate("login",
"defaultPath",
self.helper.get_setting("language"))
)
# log this failed login attempt
self.controller.management.add_to_audit_log(
user_data.user_id, "Tried to log in", 0, self.get_remote_ip()

4
app/translations/en_EN.json
View File

@ -219,7 +219,9 @@
"login": "Log In",
"password": "Password",
"username": "Username",
"viewStatus": "View Public Status Page"
"viewStatus": "View Public Status Page",
"incorrect": "Incorrect username or password",
"defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location."
},
"notify": {
"activityLog": "Activity Logs",