From 1b3af70082a09950c451fb2d8b822088168a6333 Mon Sep 17 00:00:00 2001
From: bakatrouble <bakatrouble@gmail.com>
Date: Thu, 31 Jul 2025 03:05:05 +0300
Subject: [PATCH] fix server auth

---
 server.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server.py b/server.py
index cb84bb7..cc89b6b 100644
--- a/server.py
+++ b/server.py
@@ -66,7 +66,7 @@ def protected(wrapped):
 )
 @validate(json=LoginRequest)
 async def login(request):
-    if pbkdf2_sha256(request.json['password']) != api_auth.get(request.json['username']):
+    if not pbkdf2_sha256(10000, salt=b'salt').verify(request.json['password'], api_auth.get(request.json['username'])):
         return {'status': 'error', 'message': 'Invalid username or password'}
     return {
         'token': jwt.encode({}, api_secret, algorithm='HS256'),