skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sfd

Browse source
This commit is contained in:
Aevann1 2022-02-13 23:25:09 +02:00
parent a95bff2d76
commit 59773aaa30
20 changed files with 36 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

8
files/routes/login.py
View file

@ -87,7 +87,9 @@ def login_post():
if not username: abort(400)
if username.startswith('@'): username = username[1:]
if "@" in username: account = g.db.query(User).filter(User.email.ilike(username)).one_or_none()
if "@" in username:
try: account = g.db.query(User).filter(User.email.ilike(username)).one_or_none()
except: return "Multiple users use this email!"
else: account = get_user(username, graceful=True)
if not account:
@ -117,9 +119,7 @@ def login_post():
return redirect(f'{SITE_FULL}/login')
formhash = request.values.get("hash")
if not validate_hash(f"{account.id}+{request.values.get('time')}+2fachallenge",
formhash
):
if not validate_hash(f"{account.id}+{request.values.get('time')}+2fachallenge", formhash):
return redirect(f"{SITE_FULL}/login")
if not account.validate_2fa(request.values.get("2fa_token", "").strip()):