G-tix
/
rDrama
forked from rDrama/rDrama
1
0
Fork 0
Code Pull Requests Activity

change wrong response codes

master
Aevann 2023-07-23 03:36:28 +03:00
parent 4dfaced994
commit 1a9e442331
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
files/routes/login.py
View File

@ -55,14 +55,14 @@ def login_post(v:Optional[User]):
if not account:
time.sleep(random.uniform(0, 2))
return render_template("login/login.html", failed=True, redirect=redir), 401
return render_template("login/login.html", failed=True, redirect=redir), 400
if request.values.get("password"):
if not account.verifyPass(request.values.get("password")):
log_failed_admin_login_attempt(account, "password")
time.sleep(random.uniform(0, 2))
return render_template("login/login.html", failed=True, redirect=redir), 401
return render_template("login/login.html", failed=True, redirect=redir), 400
if account.mfa_secret or session.get("GLOBAL"):
now = int(time.time())
@ -95,7 +95,7 @@ def login_post(v:Optional[User]):
hash=hash,
failed=True,
redirect=redir,
), 401
), 400
else:
abort(400)

6
files/routes/oauth.py
View File

@ -14,7 +14,8 @@ from files.__main__ import app, limiter
def authorize_prompt(v:User):
client_id = request.values.get("client_id")
application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
if not application: return {"oauth_error": "Invalid `client_id`"}, 401
if not application:
return {"oauth_error": "Invalid `client_id`"}, 400
return render_template("oauth.html", v=v, application=application)
@app.post("/authorize")
@ -26,7 +27,8 @@ def authorize_prompt(v:User):
def authorize(v):
client_id = request.values.get("client_id")
application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
if not application: return {"oauth_error": "Invalid `client_id`"}, 401
if not application:
return {"oauth_error": "Invalid `client_id`"}, 400
access_token = secrets.token_urlsafe(128)[:128]
try: