proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-08-03 15:01:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check if user is enabled after verifying a ticket

Browse Source 
when a user is disabled, we do not touch any ACLs, and already issued
tickets are still valid (until their expiration time)

check directly after the verification of the ticket if the user
is still enabled, so that any api call fails for that user

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak 2020-03-12 15:09:21 +01:00 committed by Thomas Lamprecht
parent 3b82e4cf43
commit 86f64e0d8b
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
PVE/HTTPServer.pm
View File

@ -85,6 +85,7 @@ sub auth_handler {
die "No ticket\n" if !$ticket;
($username, $age, my $tfa_info) = PVE::AccessControl::verify_ticket($ticket);
$rpcenv->check_user_enabled($username);
if (defined($tfa_info)) {
if (defined(my $challenge = $tfa_info->{challenge})) {