security: delay server response whenever username is non existing (#1338)

* Delay server response whenever username is non existing

* utilize hasher to achieve constant timing

Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
Jurjen de Jonge
2022-06-04 21:27:30 +03:00
committed by GitHub
parent 12f480eb75
commit abb114c375
2 changed files with 10 additions and 3 deletions

@@ -49,6 +49,7 @@ class MealieAuthToken(BaseModel):
@public_router.post("/token")
def get_token(data: CustomOAuth2Form = Depends(), session: Session = Depends(generate_session)):
email = data.username
password = data.password
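
Review bot: in get_token, `email = data.username` feeds the user lookup whose miss this commit pads, and the padding hides account existence only if the miss path hashes the submitted `password` with the same hasher and cost as a real verification and then returns the same status and body as a wrong password. The lines shown here end at `password = data.password` and do not show that path, so please add a test asserting that an unknown user and a bad password produce identical responses, and a short comment at the dummy hash call saying why it exists so it is not removed later as dead code.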