UniqueSoft/wireadmin
2
0
Fork 0
mirror of https://github.com/wireadmin/wireadmin synced 2025-06-26 18:28:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Shahrad Elahi
2024-05-29 19:48:49 +03:30
parent bd2ddbb08b
commit f0d675dc39
6 changed files with 43 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/lib/env.ts
View File

@@ -12,7 +12,7 @@ export const env = createEnv({
server: {
STORAGE_PATH: z.string().default('/data/storage.pack'),
AUTH_SECRET: z.string().default(sha256(randomUUID())),
HASHED_PASSWORD: z.string().default(sha256('insecure-password')),
ADMIN_PASSWORD: z.string().default('insecure-password'),
// -----
NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),
ORIGIN: z.string().optional(),

7
web/src/routes/login/+page.server.ts
View File

@@ -28,13 +28,10 @@ export const actions: Actions = {
return fail(400, { ok: false, message: 'Bad Request', form });
}
const { HASHED_PASSWORD } = env;
const { ADMIN_PASSWORD } = env;
const { password } = form.data;
const hashed = HASHED_PASSWORD.toLowerCase();
const receivedHashed = sha256(password).toLowerCase();
if (hashed !== receivedHashed) {
if (sha256(ADMIN_PASSWORD).toLowerCase() !== sha256(password).toLowerCase()) {
logger.debug('Action: Login: failed to validate password.');
return setError(form, 'password', 'Incorrect password.');
}