We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent e7440a9 commit ae23afbCopy full SHA for ae23afb
app/webapp/ruby/lib/torb/web.rb
@@ -376,7 +376,7 @@ def render_report_csv(reports)
376
password = body_params['password']
377
378
administrator = db.xquery('SELECT * FROM administrators WHERE login_name = ?', login_name).first
379
- pass_hash = db.xquery('SELECT SHA2(?, 256) AS pass_hash', password).first['pass_hash']
+ pass_hash = OpenSSL::Digest::SHA256.hexdigest(password)
380
halt_with_error 401, 'authentication_failed' if administrator.nil? || pass_hash != administrator['pass_hash']
381
382
session['administrator_id'] = administrator['id']
0 commit comments