rixty
/
SillyTavern
mirror of https://github.com/SillyTavern/SillyTavern.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[chore] Use same basic code logic in user as in basicAuth

This commit is contained in:
QuantumEntangledAndy 2024-10-09 15:09:10 +07:00
parent 06a7bdd3ce
commit ad316c6d78
No known key found for this signature in database
GPG Key ID: 3EB4B66F30C609B6
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/users.js
View File

@ -656,22 +656,25 @@ async function basicUserLogin(request) {
return false;
}
const authHeader = request.get('Authorization');
const authHeader = request.headers.authorization;
if (!authHeader) {
return false;
}
const parts = authHeader.split(' ');
if (!parts || parts.length < 2 || parts[0].toLowerCase() !== 'basic') {
const [scheme, credentials] = authHeader.split(' ');
if (scheme !== 'Basic' || !credentials) {
return false;
}
const b64auth = parts[1];
const [login, password] = Buffer.from(b64auth, 'base64').toString().split(':');
const [username, password] = Buffer.from(credentials, 'base64')
.toString('utf8')
.split(':');
const userHandles = await getAllUserHandles();
for (const userHandle of userHandles) {
if (login === userHandle) {
if (username === userHandle) {
const user = await storage.getItem(toKey(userHandle));
// Verify pass again here just to be sure
if (user && user.enabled && user.password && user.password === getPasswordHash(password, user.salt)) {