IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2026-04-06 01:25:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #487 from gradido/login_wait_on_passwords_with_missing_chars

Browse Source 
Login wait on passwords with missing chars
This commit is contained in:
einhornimmond 2021-06-08 16:52:49 +02:00 committed by GitHub
commit 0381f6900e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp
View File

@ -58,31 +58,37 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params)
} }
auto user = controller::User::create(); auto user = controller::User::create();
std::string message;
std::string details;
if (email.size()) { if (email.size()) {
if (!sm->isValid(email, VALIDATE_EMAIL)) { if (!sm->isValid(email, VALIDATE_EMAIL)) {
return stateError("invalid email"); message = "invalid email";
} }
if (1 != user->load(email)) { if (1 != user->load(email)) {
return stateError("user with email not found", email); message = "user with email not found";
details = email;
} }
} }
else if (username.size() > 0) { else if (username.size() > 0) {
if (1 != user->load(username)) { if (1 != user->load(username)) {
return stateError("user with username not found", username); message = "user with username not found";
details = username;
} }
email = user->getModel()->getEmail(); email = user->getModel()->getEmail();
} }
if (message.size()) {
Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime);
return stateError(message.data(), details);
}
NotificationList pwd_errors; NotificationList pwd_errors;
Poco::JSON::Object* result = new Poco::JSON::Object; Poco::JSON::Object* result = new Poco::JSON::Object;
if (!password.size() || !sm->checkPwdValidation(password, &pwd_errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) { if (!password.size() || !sm->checkPwdValidation(password, &pwd_errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) {
Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime);
result->set("state", "error"); result->set("state", "error");
result->set("msg", pwd_errors.getLastError()->getString(false)); result->set("msg", "password incorrect");
if (pwd_errors.errorCount()) {
result->set("details", pwd_errors.getLastError()->getString(false));
}
return result; return result;
} }