diff options
Diffstat (limited to 'src/auth.js')
-rw-r--r-- | src/auth.js | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/auth.js b/src/auth.js index f49ca38..5f83cea 100644 --- a/src/auth.js +++ b/src/auth.js | |||
@@ -47,13 +47,13 @@ if (LDAP_URL && LDAP_USERS_BASE_DN) { | |||
47 | function (req, res, next) { | 47 | function (req, res, next) { |
48 | var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE)); | 48 | var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE)); |
49 | if (!users) return res.send(401); | 49 | if (!users) return res.send(401); |
50 | if (!users[req.query.username]) return res.send(401); | 50 | if (!users[req.body.username]) return res.send(401); |
51 | 51 | ||
52 | bcrypt.compare(req.query.password, users[req.query.username].passwordHash, function (error, valid) { | 52 | bcrypt.compare(req.body.password, users[req.body.username].passwordHash, function (error, valid) { |
53 | if (error || !valid) return res.send(401); | 53 | if (error || !valid) return res.send(401); |
54 | 54 | ||
55 | req.user = { | 55 | req.user = { |
56 | username: req.query.username | 56 | username: req.body.username |
57 | }; | 57 | }; |
58 | 58 | ||
59 | next(); | 59 | next(); |