docker/mailu
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Unescape passwords before cecking

Browse Source
This commit is contained in:
kaiyou
2017-10-22 10:49:31 +02:00
parent 0a74213eae
commit ec6d5acc18
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin/mailu/internal/nginx.py
View File

@@ -1,6 +1,7 @@
from mailu import db, models from mailu import db, models
import socket import socket
import urllib
SUPPORTED_AUTH_METHODS = ["none", "plain"] SUPPORTED_AUTH_METHODS = ["none", "plain"]
@@ -36,8 +37,8 @@ def handle_authentication(headers):
} }
# Authenticated user # Authenticated user
elif method == "plain": elif method == "plain":
user_email = headers["Auth-User"] user_email = urllib.parse.unquote(headers["Auth-User"])
password = headers["Auth-Pass"] password = urllib.parse.unquote(headers["Auth-Pass"])
user = models.User.query.get(user_email) user = models.User.query.get(user_email)
if user and user.check_password(password): if user and user.check_password(password):
return { return {