burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

restored deleted line by mistake on auth

Browse Source
This commit is contained in:
Adolfo Gómez García 2022-09-15 13:06:13 +02:00
parent 1c01c35a87
commit 98f56ee58b
No known key found for this signature in database
GPG Key ID: DD1ABF20724CDA23
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
server/src/uds/core/auths/auth.py
View File

@ -380,12 +380,11 @@ def webLogin(
request.authorized = (
False # For now, we don't know if the user is authorized until MFA is checked
)
# If Enabled paranoid securit6, do not cache encrypted password
# Note that encripted password is done using a value that the server does not know
# unless a request by a valid user is done, so, if the server is compromised, the
# password is not compromised.
# If Enabled zero trust, do not cache credentials
if GlobalConfig.ENFORCE_ZERO_TRUST.getBool(False):
password = ''
request.session[USER_KEY] = user.id
request.session[PASS_KEY] = cryptoManager().symCrypt(
password, cookie
) # Stores "bytes"