Pro-Idler
/
AccountHub
forked from Business/AccountHub
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Check for apppass option in login api

Browse Source
master
Skylar Ittner 5 years ago
parent 22fb97d0c4
commit 04702f6090
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File

12
api/actions/login.php
Unescape Escape View File

@ -8,7 +8,17 @@
engageRateLimit(); engageRateLimit();
$user = User::byUsername($VARS['username']); $user = User::byUsername($VARS['username']);
if ((!$user->has2fa() && $user->checkPassword($VARS['password'])) || $user->checkAppPassword($VARS['password'])) {
$ok = false;
if (empty($VARS['apppass']) && ($user->checkPassword($VARS['password']) || $user->checkAppPassword($VARS['password']))) {
$ok = true;
} else {
if ((!$user->has2fa() && $user->checkPassword($VARS['password'])) || $user->checkAppPassword($VARS['password'])) {
$ok = true;
}
}
if ($ok) {
switch ($user->getStatus()->getString()) { switch ($user->getStatus()->getString()) {
case "LOCKED_OR_DISABLED": case "LOCKED_OR_DISABLED":
Log::insert(LogType::API_LOGIN_FAILED, $uid, "Username: " . strtolower($VARS['username']) . ", Key: " . getCensoredKey()); Log::insert(LogType::API_LOGIN_FAILED, $uid, "Username: " . strtolower($VARS['username']) . ", Key: " . getCensoredKey());

3
api/apisettings.php
Unescape Escape View File

@ -70,7 +70,8 @@ $APIS = [
"load" => "login.php", "load" => "login.php",
"vars" => [ "vars" => [
"username" => "string", "username" => "string",
"password" => "string" "password" => "string",
"apppass (optional)" => "/[0-1]/"
], ],
"keytype" => "AUTH" "keytype" => "AUTH"
], ],

Write Preview
Loading…
Cancel
Save