diff options
author | Julien Dessaux | 2024-11-16 00:36:17 +0100 |
---|---|---|
committer | Julien Dessaux | 2024-11-16 00:36:17 +0100 |
commit | 5b6da560896970c610c691dff6ed052a57ed5a1d (patch) | |
tree | 7ec12f39943513230659d3068d59e8687770f053 /pkg/basic_auth/middleware.go | |
parent | fix(tfstated): return 403 Forbidden on non existent account (diff) | |
download | tfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.tar.gz tfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.tar.bz2 tfstated-5b6da560896970c610c691dff6ed052a57ed5a1d.zip |
fix(tfstated): hash passwords instead of relying on the database encryption key
Diffstat (limited to 'pkg/basic_auth/middleware.go')
-rw-r--r-- | pkg/basic_auth/middleware.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go index 1b51c8a..7f8fb4a 100644 --- a/pkg/basic_auth/middleware.go +++ b/pkg/basic_auth/middleware.go @@ -27,7 +27,7 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler { http.Error(w, "Forbidden", http.StatusForbidden) return } - if password != account.Password { + if !account.CheckPassword(password) { http.Error(w, "Forbidden", http.StatusForbidden) return } |