bivashy/Blitz-Proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Hash admin password in the config file

Browse Source
This commit is contained in:
Iam54r1n4
2025-02-07 17:58:15 +00:00
parent 9dcace9792
commit bf6851a57d
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
core/scripts/webpanel/routers/login/login.py
View File

@ -1,10 +1,11 @@
from fastapi import APIRouter, Depends, Form, Request
from fastapi.responses import RedirectResponse
from fastapi.templating import Jinja2Templates
from hashlib import sha256
from dependency import get_templates, get_session_manager
from session import SessionManager
from config import CONFIGS
from config import CONFIGS # type: ignore
router = APIRouter()
@ -23,10 +24,8 @@ async def login_post(
'''
Handles login form submission.
'''
ADMIN_USERNAME = CONFIGS.ADMIN_USERNAME
ADMIN_PASSWORD = CONFIGS.ADMIN_PASSWORD
if not username == ADMIN_USERNAME or not password == ADMIN_PASSWORD:
password_hash = sha256(password.encode()).hexdigest()
if not username == CONFIGS.ADMIN_USERNAME or not password_hash == CONFIGS.ADMIN_PASSWORD: # type: ignore
return templates.TemplateResponse('login.html', {'request': request, 'error': 'Invalid username or password'})
session_id = session_manager.set_session(username)