handle special characters in password

Roland Osborne 2023-05-06 23:46:45 -07:00
parent ea2fdec293
commit 1961042e0e
3 changed files with 14 additions and 12 deletions


@ -334,15 +334,15 @@ func BasicCredentials(r *http.Request) (string, []byte, error) {
return username, password, err return username, password, err
} }
// parse credentials login := string(credentials)
login := strings.Split(string(credentials), ":") idx := strings.Index(login, ":");
if login[0] == "" || login[1] == "" { if idx <= 0 {
return username, password, errors.New("invalid credentials") return username, password, errors.New("invalid credentials")
} }
username = login[0]
// hash password // hash password
password, err = bcrypt.GenerateFromPassword([]byte(login[1]), bcrypt.DefaultCost) username = login[0:idx]
password, err = bcrypt.GenerateFromPassword([]byte(login[idx+1:]), bcrypt.DefaultCost)
if err != nil { if err != nil {
return username, password, err return username, password, err
} }
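Review bot: An empty password is now accepted: the old check rejected `login[1] == ""`, while `if idx <= 0` only rejects a missing colon or an empty username, so a credential of the form `name:` goes on to hash an empty string. Extending the guard to `if idx <= 0 || idx == len(login)-1 {` keeps the old rejection while still allowing colons inside the password. The `// hash password` comment now sits above the username assignment and would read better directly above the bcrypt call, and gofmt would drop the trailing `;` after `strings.Index(login, ":")`. BasicCredentials starts and ends outside this hunk.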


@ -15,7 +15,7 @@ export function CreateAccount() {
catch(err) { catch(err) {
modal.error({ modal.error({
title: 'Create Account Error', title: 'Create Account Error',
content: 'Please check with you administrator.', content: 'Please check with your administrator.',
bodyStyle: { padding: 16 }, bodyStyle: { padding: 16 },
}); });
} }


@ -1,6 +1,7 @@
import { useContext, useState, useEffect, useRef } from 'react'; import { useContext, useState, useEffect, useRef } from 'react';
import { AppContext } from 'context/AppContext'; import { AppContext } from 'context/AppContext';
import { useNavigate, useLocation } from "react-router-dom"; import { useNavigate, useLocation } from "react-router-dom";
import { getUsername } from 'api/getUsername';
export function useCreateAccount() { export function useCreateAccount() {
@ -27,9 +28,9 @@ export function useCreateAccount() {
setChecked(false) setChecked(false)
clearTimeout(debounce.current) clearTimeout(debounce.current)
debounce.current = setTimeout(async () => { debounce.current = setTimeout(async () => {
if (app.actions?.username && name !== '') { if (name !== '') {
try { try {
let valid = await app.actions.username(name, state.token) let valid = await getUsername(name, state.token)
if (!valid) { if (!valid) {
updateState({ validateStatus: 'error', help: 'Username is not available' }) updateState({ validateStatus: 'error', help: 'Username is not available' })
} }
@ -61,8 +62,9 @@ export function useCreateAccount() {
updateState({ confirm }); updateState({ confirm });
}, },
isDisabled: () => { isDisabled: () => {
if (state.username === '' || state.password === '' || state.password !== state.confirm || !checked || const restricted = new RegExp('[!@#$%^&*()\ ,.?":{}|<>]', 'i');
state.validateStatus === 'error') { if (state.username === '' || restricted.test(state.username) || state.password === '' ||
state.password !== state.confirm || !checked || state.validateStatus === 'error') {
return true return true
} }
return false return false
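Review bot: The `restricted` check in `isDisabled` is a client-side denylist that only disables the submit control, and nothing in this commit shows the server rejecting the same characters. A username containing `:` would be split at the wrong place by the first-colon parsing in BasicCredentials, so the rule should presumably also be enforced where the account is created. In the pattern itself, the `\ ` inside the string literal is just a space and the `'i'` flag has no effect on a class of punctuation, so a literal hoisted out of the hook reads more plainly: `const RESTRICTED = /[!@#$%^&*() ,.?":{}|<>]/;`. An allowlist of permitted characters would be easier to reason about than this list, which leaves out `/`, `\`, `'` and `;`. useCreateAccount starts and ends outside these hunks.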