libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Revert "SessionStore: replace password with PASSWORD_HIDDEN when storing in db"

Browse source 
This reverts commit 53f126082a, which
broke user authentication.

Fixes issue #4016.
Reopens issue #3421.
This commit is contained in:
Richard Hansen 2020-05-16 16:42:02 -04:00 committed by muxator
parent 4644e7a127
commit 901a3f396e
1 changed files with 0 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/node/db/SessionStore.js
View file

@ -38,11 +38,6 @@ SessionStore.prototype.get = function(sid, fn) {
SessionStore.prototype.set = function(sid, sess, fn) {
messageLogger.debug('SET ' + sid);
// don't store passwords in DB
if (sess.user && sess.user.password) {
sess.user.password = "PASSWORD_HIDDEN";
}
db.set("sessionstorage:" + sid, sess);
if (fn) {
process.nextTick(fn);