Stop differentiating between wrong pass and user not existing

Risto Lahtela 2021-01-23 21:54:27 +02:00
parent 5fae224ef6
commit 3b52cc5f0c


@ -71,7 +71,7 @@ public class LoginResolver implements NoAuthResolver {
String username = query.get("user").orElseThrow(() -> new BadRequestException("'user' parameter not defined"));
String password = query.get("password").orElseThrow(() -> new BadRequestException("'password' parameter not defined"));
User user = dbSystem.getDatabase().query(WebUserQueries.fetchUser(username))
.orElseThrow(() -> new BadRequestException(FailReason.USER_DOES_NOT_EXIST.getReason() + ": " + username));
.orElseThrow(() -> new WebUserAuthException(FailReason.USER_PASS_MISMATCH));
boolean correctPass = user.doesPasswordMatch(password);
if (!correctPass) {