From 8767410a36be9c42b85d0a11f199497caf79a1d8 Mon Sep 17 00:00:00 2001
From: John McLear <john@mclear.co.uk>
Date: Fri, 23 Mar 2018 19:21:52 +0000
Subject: [PATCH] be more strict on password check

---
 src/node/hooks/express/webaccess.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js
index 190021a3..1faceec7 100644
--- a/src/node/hooks/express/webaccess.js
+++ b/src/node/hooks/express/webaccess.js
@@ -37,7 +37,7 @@ exports.basicAuth = function (req, res, next) {
       var username = userpass.shift();
       var password = userpass.join(':');
 
-      if (settings.users[username] != undefined && settings.users[username].password == password) {
+      if (settings.users[username] != undefined && settings.users[username].password === password) {
         settings.users[username].username = username;
         req.session.user = settings.users[username];
         return cb(true);