GithubFollow/One-KVM
1
0
Fork 0
mirror of https://github.com/mofeng-git/One-KVM.git synced 2026-01-29 17:11:52 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

improved security checks

Browse Source
This commit is contained in:
Devaev Maxim
2020-05-15 17:30:14 +03:00
parent a364e689c6
commit 2eef3061ce
7 changed files with 46 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
kvmd/plugins/auth/htpasswd.py
View File

@@ -43,5 +43,7 @@ class Plugin(BaseAuthService):
}
async def authorize(self, user: str, passwd: str) -> bool:
assert user == user.strip()
assert user
htpasswd = passlib.apache.HtpasswdFile(self.__path)
return htpasswd.check_password(user, passwd)

2
kvmd/plugins/auth/http.py
View File

@@ -71,6 +71,8 @@ class Plugin(BaseAuthService):
}
async def authorize(self, user: str, passwd: str) -> bool:
assert user == user.strip()
assert user
session = self.__ensure_session()
try:
async with session.request(

2
kvmd/plugins/auth/pam.py
View File

@@ -67,6 +67,8 @@ class Plugin(BaseAuthService):
}
async def authorize(self, user: str, passwd: str) -> bool:
assert user == user.strip()
assert user
async with self.__lock:
return (await aiotools.run_async(self.__inner_authorize, user, passwd))