saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-21 02:40:08 +00:00
Code Activity

Allow set-password only if account is unitialized

Browse source
This commit is contained in:
Timshel 2025-01-16 18:14:06 +01:00
parent da8be29de0
commit 6f9b88e572
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/api/core/accounts.rs
View file

@ -262,6 +262,10 @@ async fn post_set_password(data: Json<SetPasswordData>, headers: Headers, mut co
let data: SetPasswordData = data.into_inner();
let mut user = headers.user;
if user.private_key.is_some() {
err!("Account already intialized cannot set password")
}
// Check against the password hint setting here so if it fails, the user
// can retry without losing their invitation below.
let password_hint = clean_password_hint(&data.master_password_hint);