mirror of
https://github.com/solero/houdini.git
synced 2024-11-25 15:07:24 +00:00
Catch exception when the client sends a false login key that isn't found in redis.
This commit is contained in:
parent
dbf7e4d35e
commit
7552998bbe
@ -77,7 +77,11 @@ async def handle_legacy_login(p, credentials: Credentials):
|
|||||||
tr.delete(f'{credentials.username}.lkey', f'{credentials.username}.ckey')
|
tr.delete(f'{credentials.username}.lkey', f'{credentials.username}.ckey')
|
||||||
login_key, _ = await tr.execute()
|
login_key, _ = await tr.execute()
|
||||||
|
|
||||||
|
try:
|
||||||
login_key = login_key.decode()
|
login_key = login_key.decode()
|
||||||
|
except:
|
||||||
|
return await p.close()
|
||||||
|
|
||||||
login_hash = Crypto.encrypt_password(login_key + p.server.config.auth_key) + login_key
|
login_hash = Crypto.encrypt_password(login_key + p.server.config.auth_key) + login_key
|
||||||
|
|
||||||
if login_key is None or login_hash != credentials.password:
|
if login_key is None or login_hash != credentials.password:
|
||||||
|
Loading…
Reference in New Issue
Block a user