lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: login with disabled used

Browse source
This commit is contained in:
Sérgio Salgado 2021-04-16 19:40:05 +01:00 committed by Josh Harvey
parent 9d028897bd
commit 6eaebc3108
1 changed files with 1 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/new-admin/graphql/modules/authentication.js
View file

@ -1,6 +1,5 @@
const otplib = require('otplib') const otplib = require('otplib')
const bcrypt = require('bcrypt') const bcrypt = require('bcrypt')
const { AuthenticationError } = require('apollo-server-express')
const loginHelper = require('../../services/login') const loginHelper = require('../../services/login')
const T = require('../../../time') const T = require('../../../time')
@ -14,7 +13,7 @@ function authenticateUser(username, password) {
return users.getUserByUsername(username) return users.getUserByUsername(username)
.then(user => { .then(user => {
const hashedPassword = user.password const hashedPassword = user.password
if (!hashedPassword) throw new authErrors.InvalidCredentialsError() if (!hashedPassword || !user.enabled) throw new authErrors.InvalidCredentialsError()
return Promise.all([bcrypt.compare(password, hashedPassword), hashedPassword]) return Promise.all([bcrypt.compare(password, hashedPassword), hashedPassword])
}) })
.then(([isMatch, hashedPassword]) => { .then(([isMatch, hashedPassword]) => {