be more strict on password check

This commit is contained in:
John McLear 2018-03-23 19:21:52 +00:00 committed by GitHub
parent cb856ea624
commit 8767410a36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

View File

@ -37,7 +37,7 @@ exports.basicAuth = function (req, res, next) {
var username = userpass.shift();
var password = userpass.join(':');
if (settings.users[username] != undefined && settings.users[username].password == password) {
if (settings.users[username] != undefined && settings.users[username].password === password) {
settings.users[username].username = username;
req.session.user = settings.users[username];
return cb(true);