From 8767410a36be9c42b85d0a11f199497caf79a1d8 Mon Sep 17 00:00:00 2001 From: John McLear Date: Fri, 23 Mar 2018 19:21:52 +0000 Subject: [PATCH] be more strict on password check --- src/node/hooks/express/webaccess.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js index 190021a3e..1faceec7c 100644 --- a/src/node/hooks/express/webaccess.js +++ b/src/node/hooks/express/webaccess.js @@ -37,7 +37,7 @@ exports.basicAuth = function (req, res, next) { var username = userpass.shift(); var password = userpass.join(':'); - if (settings.users[username] != undefined && settings.users[username].password == password) { + if (settings.users[username] != undefined && settings.users[username].password === password) { settings.users[username].username = username; req.session.user = settings.users[username]; return cb(true);