From 5b6da560896970c610c691dff6ed052a57ed5a1d Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Sat, 16 Nov 2024 00:36:17 +0100 Subject: fix(tfstated): hash passwords instead of relying on the database encryption key --- pkg/basic_auth/middleware.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg/basic_auth/middleware.go') diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go index 1b51c8a..7f8fb4a 100644 --- a/pkg/basic_auth/middleware.go +++ b/pkg/basic_auth/middleware.go @@ -27,7 +27,7 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler { http.Error(w, "Forbidden", http.StatusForbidden) return } - if password != account.Password { + if !account.CheckPassword(password) { http.Error(w, "Forbidden", http.StatusForbidden) return } -- cgit v1.2.3