haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-20 02:48:51 +00:00
Code Issues Releases Wiki Activity

Merge pull request #4936 from haiwen/webdav-secret

Browse Source 
length of webdav secret should be less than 30
This commit is contained in:
Daniel Pan
2021-07-17 10:35:46 +08:00
committed by GitHub
parent 32bc79abd9 efe06971ac
commit ea6c4803e0
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
seahub/api2/endpoints/webdav_secret.py
View File

@@ -7,6 +7,8 @@ from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.views import APIView from rest_framework.views import APIView
from django.utils.translation import ugettext as _
from seahub.api2.authentication import TokenAuthentication from seahub.api2.authentication import TokenAuthentication
from seahub.api2.throttling import UserRateThrottle from seahub.api2.throttling import UserRateThrottle
from seahub.api2.utils import api_error from seahub.api2.utils import api_error
@@ -43,6 +45,9 @@ class WebdavSecretView(APIView):
username = request.user.username username = request.user.username
secret = request.data.get("secret", None) secret = request.data.get("secret", None)
if len(secret) >= 30:
return api_error(status.HTTP_400_BAD_REQUEST,
_("Length of WebDav password should be less then 30."))
if secret: if secret:
encoded = aes.encode(secret) encoded = aes.encode(secret)

1
seahub/utils/hasher.py
View File

@@ -51,4 +51,5 @@ class AESPasswordHasher:
raise AESPasswordDecodeError raise AESPasswordDecodeError
data = data.encode('utf-8') data = data.encode('utf-8')
data += b'='*4
return DecodeAES(self.cipher, data) return DecodeAES(self.cipher, data)