themaster1970sf/TShock
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Remove an oversight relating to REST token management

Browse source
This commit is contained in:
White 2017-02-02 00:23:12 +10:30
parent 982ab7d1ef
commit 9d4ced58b9
1 changed files with 3 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
TShockAPI/Rest/SecureRest.cs
View file

@ -43,7 +43,7 @@ namespace Rests
public Dictionary<string, TokenData> AppTokens { get; protected set; } public Dictionary<string, TokenData> AppTokens { get; protected set; }
private RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider(); private RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider();
public SecureRest(IPAddress ip, int port) public SecureRest(IPAddress ip, int port)
: base(ip, port) : base(ip, port)
{ {
@ -128,8 +128,7 @@ namespace Rests
} }
else else
{ {
if (!TShock.Config.RESTLimitOnlyFailedLoginRequests) tokenBucket.Add(context.RemoteEndPoint.Address.ToString(), 1); // First time request, set to one and process request
tokenBucket.Add(context.RemoteEndPoint.Address.ToString(), 1); // First time request, set to one and process request
} }
User userAccount = TShock.Users.GetUserByName(username); User userAccount = TShock.Users.GetUserByName(username);
@ -152,7 +151,7 @@ namespace Rests
return new RestObject("403") return new RestObject("403")
{ Error = "Username or password may be incorrect or this account may not have sufficient privileges." }; { Error = "Username or password may be incorrect or this account may not have sufficient privileges." };
} }
string tokenHash; string tokenHash;
var randbytes = new byte[32]; var randbytes = new byte[32];
do do