Mirrors/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-12 21:27:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Trim spaces from admin token during authentication and validate that the admin panel token is not empty

Browse Source
This commit is contained in:
Daniel García
2019-03-07 20:21:50 +01:00
parent 9e1f030a80
commit 0718a090e1
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/api/admin.rs
View File

@ -89,7 +89,7 @@ fn post_admin_login(data: Form<LoginForm>, mut cookies: Cookies, ip: ClientIp) -
fn _validate_token(token: &str) -> bool {
match CONFIG.admin_token().as_ref() {
None => false,
Some(t) => crate::crypto::ct_eq(t, token),
Some(t) => crate::crypto::ct_eq(t.trim(), token.trim()),
}
}