Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add default path password check

Browse Source 
Change decode to utf-8
This commit is contained in:
Andrew 2024-02-17 23:08:23 -05:00
parent d673908ce4
commit f6bb6eafcd
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/classes/web/public_handler.py
View File

@ -116,7 +116,8 @@ class PublicHandler(BaseHandler):
entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member
try: try:
entered_password = base64.b64decode(self.get_argument("encPassword")) entered_password = base64.b64decode(
self.get_argument("encPassword")).decode("utf-8")
except binascii.Error: except binascii.Error:
error_msg = ("Hello? Hello? Anybody home?" error_msg = ("Hello? Hello? Anybody home?"
" Go straight to jail. Do not pass go.") " Go straight to jail. Do not pass go.")
@ -220,7 +221,18 @@ class PublicHandler(BaseHandler):
# self.clear_cookie("user") # self.clear_cookie("user")
# self.clear_cookie("user_data") # self.clear_cookie("user_data")
self.clear_cookie("token") self.clear_cookie("token")
error_msg = "Incorrect username or password. Please try again." error_msg = (
self.helper.translation.translate("login",
"incorrect",
self.helper.get_setting("language"))
)
if entered_password == "app/config/default-creds.txt":
error_msg += ". "
error_msg += (
self.helper.translation.translate("login",
"defaultPath",
self.helper.get_setting("language"))
)
# log this failed login attempt # log this failed login attempt
self.controller.management.add_to_audit_log( self.controller.management.add_to_audit_log(
user_data.user_id, "Tried to log in", 0, self.get_remote_ip() user_data.user_id, "Tried to log in", 0, self.get_remote_ip()

4
app/translations/en_EN.json
View File

@ -219,7 +219,9 @@
"login": "Log In", "login": "Log In",
"password": "Password", "password": "Password",
"username": "Username", "username": "Username",
"viewStatus": "View Public Status Page" "viewStatus": "View Public Status Page",
"incorrect": "Incorrect username or password",
"defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location."
}, },
"notify": { "notify": {
"activityLog": "Activity Logs", "activityLog": "Activity Logs",