webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-01-03 23:42:28 +03:00
Code Activity

Auth: Added specific guards against guest account login

Browse Source 
Hardened things to enforce the intent that the guest account should not
be used for logins.
Currently this would not be allowed due to empty set password, and no
password fields on user edit forms, but an error could occur if the
login was attempted.

This adds:
- Handling to show normal invalid user warning on login instead of a
  hash check error.
- Prevention of guest user via main login route, in the event that
  inventive workarounds would be used by admins to set a password for
  this account.
- Test for guest user login.
This commit is contained in:
Dan Brown
2024-12-11 14:22:48 +00:00
parent 8ec26e8083
commit 5632fef621
3 changed files with 59 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/Exceptions/LoginAttemptInvalidUserException.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
namespace BookStack\Exceptions;
class LoginAttemptInvalidUserException extends LoginAttemptException
{
}