rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-06-05 21:59:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Only allow login via basic per-user if user password is set

Browse Source
This commit is contained in:
QuantumEntangledAndy
2024-10-09 15:04:28 +07:00
parent fe1f9fafbd
commit 06a7bdd3ce
2 changed files with 0 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/middleware/basicAuth.js
View File

@@ -43,10 +43,6 @@ const basicAuthMiddleware = async function (request, response, callback) {
if (user && user.enabled && (user.password && user.password === getPasswordHash(password, user.salt))) { if (user && user.enabled && (user.password && user.password === getPasswordHash(password, user.salt))) {
return callback(); return callback();
} }
else if (user && user.enabled && !user.password && !password) {
// Login to an account without password
return callback();
}
} }
} }
} }

5
src/users.js
View File

@@ -678,11 +678,6 @@ async function basicUserLogin(request) {
request.session.handle = userHandle; request.session.handle = userHandle;
return true; return true;
} }
else if (user && user.enabled && !user.password && !password) {
// Login to an account without password
request.session.handle = userHandle;
return true;
}
} }
} }