From f6bb6eafcdc6f730d599e4545270194cfec71459 Mon Sep 17 00:00:00 2001 From: Andrew Date: Sat, 17 Feb 2024 23:08:23 -0500 Subject: [PATCH] Add default path password check Change decode to utf-8 --- app/classes/web/public_handler.py | 16 ++++++++++++++-- app/translations/en_EN.json | 4 +++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 93db9332..5280644a 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -116,7 +116,8 @@ class PublicHandler(BaseHandler): entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member try: - entered_password = base64.b64decode(self.get_argument("encPassword")) + entered_password = base64.b64decode( + self.get_argument("encPassword")).decode("utf-8") except binascii.Error: error_msg = ("Hello? Hello? Anybody home?" " Go straight to jail. Do not pass go.") @@ -220,7 +221,18 @@ class PublicHandler(BaseHandler): # self.clear_cookie("user") # self.clear_cookie("user_data") self.clear_cookie("token") - error_msg = "Incorrect username or password. Please try again." + error_msg = ( + self.helper.translation.translate("login", + "incorrect", + self.helper.get_setting("language")) + ) + if entered_password == "app/config/default-creds.txt": + error_msg += ". " + error_msg += ( + self.helper.translation.translate("login", + "defaultPath", + self.helper.get_setting("language")) + ) # log this failed login attempt self.controller.management.add_to_audit_log( user_data.user_id, "Tried to log in", 0, self.get_remote_ip() diff --git a/app/translations/en_EN.json b/app/translations/en_EN.json index 7d2b2cbb..0b7bf022 100644 --- a/app/translations/en_EN.json +++ b/app/translations/en_EN.json 
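Review bot: The new `.decode("utf-8")` sits inside a `try` whose only visible handler is `except binascii.Error:`, so an `encPassword` value that is valid base64 but not valid UTF-8 raises `UnicodeDecodeError` past that handler on an unauthenticated endpoint. Catching both keeps the existing rejection path: `except (binascii.Error, UnicodeDecodeError):`. `entered_password` also changes from `bytes` to `str` here. The password verification that consumes it lies outside the hunk, so it is worth confirming that it accepts `str` and still matches the stored hashes.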
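Review bot: The `defaultPath` hint is appended on a branch that, judging by `user_data.user_id` in the audit-log call just below, appears to run only for an existing account. If the unknown-username branch (outside this hunk) returns the bare `incorrect` text, the two responses differ and an unauthenticated client can tell valid usernames apart, so the same check should run in every failed-login branch or before the user lookup. The path is also a bare literal in `if entered_password == "app/config/default-creds.txt":`. A shared constant defined next to the code that writes that file would keep the two from drifting, for example `if entered_password == DEFAULT_CREDS_PATH:` (the constant name is a placeholder). The two identical `self.helper.get_setting("language")` calls could be read once into a local.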
@@ -219,7 +219,9 @@
 "login": "Log In",
 "password": "Password",
 "username": "Username",
- "viewStatus": "View Public Status Page"
+ "viewStatus": "View Public Status Page",
+ "incorrect": "Incorrect username or password",
+ "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location."
 },
 "notify": {
 "activityLog": "Activity Logs",