mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-20 17:27:00 +01:00
Check account auth provided in WebAdmin is a local host (#3000)
This commit is contained in:
parent
07ef1775cd
commit
a51aa2bc44
@ -265,6 +265,13 @@ get_auth_admin(Auth, HostHTTP, RPath, Method) ->
|
||||
|
||||
get_auth_account(HostOfRule, AccessRule, User, Server,
|
||||
Pass) ->
|
||||
case lists:member(Server, ejabberd_config:get_myhosts()) of
|
||||
true -> get_auth_account2(HostOfRule, AccessRule, User, Server, Pass);
|
||||
false -> {unauthorized, <<"inexistent-host">>}
|
||||
end.
|
||||
|
||||
get_auth_account2(HostOfRule, AccessRule, User, Server,
|
||||
Pass) ->
|
||||
case ejabberd_auth:check_password(User, <<"">>, Server, Pass) of
|
||||
true ->
|
||||
case any_rules_allowed(HostOfRule, AccessRule,
|
||||
|
Loading…
Reference in New Issue
Block a user