highperfocused/danswer
1
0
Fork 0
mirror of https://github.com/danswer-ai/danswer.git synced 2025-09-21 14:12:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix basic auth (#2505)

Browse Source
This commit is contained in:
pablodanswer
2024-09-18 15:45:58 -07:00
committed by GitHub
parent f3cea79c1c
commit a9403016c9
2 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
backend/danswer/auth/users.py
View File

@@ -300,17 +300,27 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
async def authenticate( async def authenticate(
self, credentials: OAuth2PasswordRequestForm self, credentials: OAuth2PasswordRequestForm
) -> Optional[User]: ) -> Optional[User]:
user = await super().authenticate(credentials) try:
if user is None: user = await self.get_by_email(credentials.username)
try: except exceptions.UserNotExists:
user = await self.get_by_email(credentials.username) self.password_helper.hash(credentials.password)
if not user.has_web_login: return None
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, if not user.has_web_login:
detail="NO_WEB_LOGIN_AND_HAS_NO_PASSWORD", raise HTTPException(
) status_code=status.HTTP_403_FORBIDDEN,
except exceptions.UserNotExists: detail="NO_WEB_LOGIN_AND_HAS_NO_PASSWORD",
pass )
verified, updated_password_hash = self.password_helper.verify_and_update(
credentials.password, user.hashed_password
)
if not verified:
return None
if updated_password_hash is not None:
await self.user_db.update(user, {"hashed_password": updated_password_hash})
return user return user

1
web/src/lib/user.ts
View File

@@ -31,6 +31,7 @@ export const basicLogin = async (
["username", email], ["username", email],
["password", password], ["password", password],
]); ]);
const response = await fetch("/api/auth/login", { const response = await fetch("/api/auth/login", {
method: "POST", method: "POST",
credentials: "include", credentials: "include",