proxmox-mirrors/proxmox-widget-toolkit
1
0
Fork 1
mirror of https://git.proxmox.com/git/proxmox-widget-toolkit synced 2025-05-11 19:21:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix #2758: reject 'tfa' cookies

Browse Source 
return false on authOK when the ticket is a tfa ticket
(starts with PVE:tfa!)

when a user now loads the page with only a tfa ticket, it shows the
login window again

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak 2020-05-25 10:35:02 +02:00 committed by Thomas Lamprecht
parent eaa0fcbd77
commit ac6184986c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Utils.js
View File

@ -207,7 +207,8 @@ Ext.define('Proxmox.Utils', { utilities: {
if (Proxmox.LoggedOut) { if (Proxmox.LoggedOut) {
return undefined; return undefined;
} }
return (Proxmox.UserName !== '') && Ext.util.Cookies.get(Proxmox.Setup.auth_cookie_name); let cookie = Ext.util.Cookies.get(Proxmox.Setup.auth_cookie_name);
return (Proxmox.UserName !== '') && (cookie && !cookie.startsWith("PVE:tfa!"));
}, },
authClear: function() { authClear: function() {