vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Have the verifyUser endpoint use the same confirm_existing_user method

Browse source 
This will prevent us from encountering the same problem as the generated encrypted password issue when using LDAP
This commit is contained in:
Joseph Schorr 2015-05-22 16:26:26 -04:00
parent 1117a2cdc6
commit 855f3a3e4d
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
endpoints/api/user.py
View file

@ -537,7 +537,17 @@ class VerifyUser(ApiResource):
""" Verifies the signed in the user with the specified credentials. """ """ Verifies the signed in the user with the specified credentials. """
signin_data = request.get_json() signin_data = request.get_json()
password = signin_data['password'] password = signin_data['password']
return conduct_signin(get_authenticated_user().username, password)
username = get_authenticated_user().username
(result, error_message) = authentication.confirm_existing_user(username, password)
if not result:
return {
'message': error_message,
'invalidCredentials': True,
}, 403
common_login(result)
return {'success': True}
@resource('/v1/signout') @resource('/v1/signout')