From dd2baab2d69474a907025cc8de52133a8d002568 Mon Sep 17 00:00:00 2001 From: Apex Liu Date: Wed, 17 Aug 2022 02:00:02 +0800 Subject: [PATCH] secure hot-fix --- server/www/teleport/webroot/app/controller/auth.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/www/teleport/webroot/app/controller/auth.py b/server/www/teleport/webroot/app/controller/auth.py index d02fc9d..0bad57e 100644 --- a/server/www/teleport/webroot/app/controller/auth.py +++ b/server/www/teleport/webroot/app/controller/auth.py @@ -109,7 +109,8 @@ class DoLoginHandler(TPBaseJsonHandler): return self.write_json(TPE_CAPTCHA_EXPIRED, '验证码已失效') if code.lower() != captcha.lower(): return self.write_json(TPE_CAPTCHA_MISMATCH, '验证码错误') - elif login_type in [TP_LOGIN_AUTH_USERNAME_OATH, TP_LOGIN_AUTH_USERNAME_PASSWORD_OATH]: + + if login_type in [TP_LOGIN_AUTH_USERNAME_OATH, TP_LOGIN_AUTH_USERNAME_PASSWORD_OATH]: if oath is None or len(oath) == 0: return self.write_json(TPE_OATH_MISMATCH, '未提供身份验证器动态验证码')