Actually comparing the password when granting a token is important

Alex Mikhalev 2018-07-02 15:25:35 -06:00
parent 2baca5fdd0
commit 853770a9e8


@ -104,13 +104,13 @@ export function authentication(state: ServerState) {
}
const user = await User.loadByUsername(state.database, username);
if (!user) {
throw new ApiError(401, "User does not exist");
throw new ApiError(400, "User does not exist");
}
const passwordMatches = user.comparePassword(password);
const passwordMatches = await user.comparePassword(password);
if (passwordMatches) {
return user;
} else {
throw new ApiError(400, "User does not exist");
throw new ApiError(401, "Invalid user credentials");
}
}
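Review bot: The two failure branches now return distinguishable responses, which lets an unauthenticated client learn which usernames are registered. As rendered, the `!user` branch throws `ApiError(400, "User does not exist")` while a failed `comparePassword` throws `ApiError(401, "Invalid user credentials")`. Use the same status and message in both, i.e. `throw new ApiError(401, "Invalid user credentials");` in the `!user` branch as well. The not-found path also returns without calling `comparePassword`, so if that is a deliberately slow hash check (inferred from the `await`, not visible here) response time may separate the two cases too; running the comparison against a fixed dummy hash would even that out. The enclosing function starts outside the hunk, so any rate limiting or logging of failed attempts cannot be judged from here.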