mirror of
https://github.com/etesync/server
synced 2024-12-28 18:28:07 +00:00
login: gracefully handle bad login attempts.
This commit is contained in:
parent
215a260700
commit
15cd41db83
@ -647,7 +647,11 @@ class AuthenticationViewSet(viewsets.ViewSet):
|
||||
return Response(content, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
verify_key = nacl.signing.VerifyKey(bytes(user.userinfo.loginPubkey), encoder=nacl.encoding.RawEncoder)
|
||||
verify_key.verify(response_raw, signature)
|
||||
|
||||
try:
|
||||
verify_key.verify(response_raw, signature)
|
||||
except nacl.exceptions.BadSignatureError:
|
||||
return Response({'code': 'login_bad_signature'}, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
data = self.login_response_data(user)
|
||||
return Response(data, status=status.HTTP_200_OK)
|
||||
|
Loading…
Reference in New Issue
Block a user