diff options
author | Blake DeMarcy <ofunknowndescent@gmail.com> | 2017-04-27 19:31:19 -0500 |
---|---|---|
committer | Blake DeMarcy <ofunknowndescent@gmail.com> | 2017-04-27 19:31:19 -0500 |
commit | ef4e07054a743977aab8cecc35366b959938c751 (patch) | |
tree | da23936c08bcd5a217028fa4d77ab1374fc95a43 /server.py | |
parent | 634a868030b6fc6512d7238b330e1ae265ee1c9d (diff) | |
download | bbj-ef4e07054a743977aab8cecc35366b959938c751.tar.gz |
lowercase all hashes
Diffstat (limited to 'server.py')
-rw-r--r-- | server.py | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -59,7 +59,7 @@ def api_method(function): if not user: raise BBJUserError("User %s is not registered" % username) - elif auth != user["auth_hash"]: + elif auth.lower() != user["auth_hash"].lower(): raise BBJException(5, "Invalid authorization key for user.") # api_methods may choose to bind a usermap into the thread_data @@ -233,7 +233,7 @@ class API(object): """ validate(args, ["target_user", "target_hash"]) user = db.user_resolve(database, args["target_user"], return_false=False) - return args["target_hash"] == user["auth_hash"] + return args["target_hash"].lower() == user["auth_hash"].lower() @api_method |