fix: harden login for MLPS requirements
This commit is contained in:
@@ -25,10 +25,19 @@ func NewAuthHandler(a *bootstrap.App) *AuthHandler {
|
||||
a.JWT,
|
||||
a.Sessions,
|
||||
a.LoginGuard,
|
||||
),
|
||||
).WithPasswordCipher(a.PasswordCipher),
|
||||
}
|
||||
}
|
||||
|
||||
func (h *AuthHandler) PasswordPublicKey(c *gin.Context) {
|
||||
key := h.svc.PasswordPublicKey()
|
||||
if key == nil {
|
||||
response.Error(c, response.ErrNotFound(40420, "password_cipher_disabled", "password cipher is disabled"))
|
||||
return
|
||||
}
|
||||
response.Success(c, key)
|
||||
}
|
||||
|
||||
func (h *AuthHandler) Login(c *gin.Context) {
|
||||
var req app.LoginRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
|
||||
Reference in New Issue
Block a user