github/plexpy
1
0
Fork 0
mirror of https://github.com/Tautulli/Tautulli.git synced 2025-07-16 02:02:58 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Always hash http password

Browse source
This commit is contained in:
JonnyWong16 2021-06-15 21:09:37 -07:00
parent dff9a56950
commit b0a395ad0b
No known key found for this signature in database
GPG key ID: B1F1F9807184697A
6 changed files with 21 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

8
plexpy/api2.py
View file

@ -647,13 +647,7 @@ General optional parameters:
data = None
apikey = hashlib.sha224(str(random.getrandbits(256)).encode('utf-8')).hexdigest()[0:32]
if plexpy.CONFIG.HTTP_USERNAME and plexpy.CONFIG.HTTP_PASSWORD:
authenticated = False
if plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
authenticated = True
elif not plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
username == plexpy.CONFIG.HTTP_USERNAME and password == plexpy.CONFIG.HTTP_PASSWORD:
authenticated = True
authenticated = username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD)
if authenticated:
if plexpy.CONFIG.API_KEY: