ARCHIVE/clio
1
0
Fork 0
mirror of https://github.com/XRPLF/clio.git synced 2026-04-29 15:37:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Admin password (#958)

Browse Source 
Fix #922
This commit is contained in:
cyan317
2023-10-31 15:39:20 +00:00
committed by GitHub
parent 1ce7bcbc28
commit 5e9e5f6f65
6 changed files with 154 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/web/impl/AdminVerificationStrategy.cpp
View File

@@ -19,6 +19,8 @@
#include <web/impl/AdminVerificationStrategy.h>
#include <ripple/protocol/digest.h>
namespace web::detail {
bool
@@ -27,9 +29,16 @@ IPAdminVerificationStrategy::isAdmin(RequestType const&, std::string_view ip) co
return ip == "127.0.0.1";
}
PasswordAdminVerificationStrategy::PasswordAdminVerificationStrategy(std::string password)
: password_(std::move(password))
PasswordAdminVerificationStrategy::PasswordAdminVerificationStrategy(std::string const& password)
{
ripple::sha256_hasher hasher;
hasher(password.data(), password.size());
auto const d = static_cast<ripple::sha256_hasher::result_type>(hasher);
ripple::uint256 sha256;
std::memcpy(sha256.data(), d.data(), d.size());
passwordSha256_ = ripple::to_string(sha256);
// make sure it's uppercase
std::transform(passwordSha256_.begin(), passwordSha256_.end(), passwordSha256_.begin(), ::toupper);
}
bool
@@ -40,8 +49,9 @@ PasswordAdminVerificationStrategy::isAdmin(RequestType const& request, std::stri
// No Authorization header
return false;
}
return it->value() == password_;
std::string userAuth(it->value());
std::transform(userAuth.begin(), userAuth.end(), userAuth.begin(), ::toupper);
return passwordSha256_ == userAuth;
}
std::unique_ptr<AdminVerificationStrategy>