MIGDYN/irclogger_web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Frontend: Fix user password changing and use HTTP 307 for redirecting

Browse Source
This commit is contained in:
mrkubax10 2023-09-12 11:38:11 +02:00
parent f36cd5085f
commit c296f53678
2 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
frontend.pm
View File

@ -326,7 +326,7 @@ sub redirect {
my $aClient = $_[0]; my $aClient = $_[0];
my $aLocation = $_[1]; my $aLocation = $_[1];
my $response = getBaseResponse(301, "Moved Permanently"); my $response = getBaseResponse(307, "Temporary Redirect");
$response.="Content-Length: 0\r\n"; $response.="Content-Length: 0\r\n";
$response.="Location: $aLocation\r\n"; $response.="Location: $aLocation\r\n";
$aClient->send($response); $aClient->send($response);

3
frontend_routes.pm
View File

@ -256,8 +256,7 @@ sub handlePath {
$query->execute($session->{"username"}); $query->execute($session->{"username"});
my @row = $query->fetchrow_array(); my @row = $query->fetchrow_array();
my $password = $row[0]; my $password = $row[0];
my $hashedPassword = Digest::SHA::sha256_hex($password); if($password ne Digest::SHA::sha256_hex($parameters{"currentPassword"})) {
if($hashedPassword ne $password) {
frontend::sendBadRequest($aClient, "Wrong password"); frontend::sendBadRequest($aClient, "Wrong password");
return 1; return 1;
} }