fix server auth

2025-07-31 03:05:05 +03:00 · 2025-07-31 03:05:05 +03:00 · 1b3af70082
commit 1b3af70082
parent 9b9197be0e
1 changed files with 1 additions and 1 deletions
--- a/server.py
+++ b/server.py
@ -66,7 +66,7 @@ def protected(wrapped):
 )
@validate(json=LoginRequest)
 async def login(request):
-    if pbkdf2_sha256(request.json['password']) != api_auth.get(request.json['username']):
+    if not pbkdf2_sha256(10000, salt=b'salt').verify(request.json['password'], api_auth.get(request.json['username'])):
        return {'status': 'error', 'message': 'Invalid username or password'}
    return {
        'token': jwt.encode({}, api_secret, algorithm='HS256'),