gered/mtgcoll
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

don't keep user password in returned user profile

Browse source 
stops the password from being transmitted to the client in the user
profile sent there
This commit is contained in:
Gered 2016-06-29 23:16:00 -04:00
parent 6d0fe057d0
commit cf34a72bd8
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/mtgcoll/auth.clj
View file

@ -9,7 +9,8 @@
(defn validate-credentials (defn validate-credentials
[username password] [username password]
(if (using-authorization?) (if (using-authorization?)
(->> (config/get :users) (as-> (config/get :users) x
(filter #(and (= username (:username %)) (filter #(and (= username (:username %))
(= password (:password %)))) (= password (:password %))) x)
(first)))) (first x)
(dissoc x :password))))