Commit af368ed4 authored by okhin's avatar okhin 🚴

Fixing some auth code

parent 8d15804f
Pipeline #952 passed with stage
in 2 seconds
...@@ -490,15 +490,15 @@ def static_files(filepath): ...@@ -490,15 +490,15 @@ def static_files(filepath):
def login_admin(user, password): def login_admin(user, password):
db = sqlite3.connect(config['piphone']['db']) db = sqlite3.connect(config['piphone']['db'])
user = db.execute('SELECT api, token, admin FROM users where api = ?', (user,)) sql_user = db.execute('SELECT token, admin FROM users where api = ?', (user,))
user = user.fetchone() sql_user = sql_user.fetchone()
if user is None: if sql_user is None:
# user does not exist # user does not exist
return False return False
if password != user[1]: if password != sql_user[0]:
# password does not match # password does not match
return False return False
if user[2] == 0: if sql_user[1] == 0:
# User is not admin # User is not admin
return False return False
return True return True
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment