github/plexpy
1
0
Fork 0
mirror of https://github.com/Tautulli/Tautulli.git synced 2025-07-16 02:02:58 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Always hash http password

Browse source
This commit is contained in:
JonnyWong16 2021-06-15 21:09:37 -07:00
parent dff9a56950
commit b0a395ad0b
No known key found for this signature in database
GPG key ID: B1F1F9807184697A
6 changed files with 21 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

7
plexpy/webauth.py
View file

@ -132,12 +132,7 @@ def check_credentials(username=None, password=None, token=None, admin_login='0',
if username and password:
if plexpy.CONFIG.HTTP_PASSWORD:
user_details = {'user_id': None, 'username': username}
if plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
return True, user_details, 'admin'
elif not plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
username == plexpy.CONFIG.HTTP_USERNAME and password == plexpy.CONFIG.HTTP_PASSWORD:
if username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
return True, user_details, 'admin'
if plexpy.CONFIG.HTTP_PLEX_ADMIN or (not admin_login == '1' and plexpy.CONFIG.ALLOW_GUEST_ACCESS):