barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-05-24 05:00:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: potential nil pointer dereferences

Browse Source
This commit is contained in:
Scott McKendry
2026-05-24 11:00:56 +12:00
parent 2737a25227
commit a7bc6729fe
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/context_middleware.go
+4
View File
@@ -251,6 +251,10 @@ func (m *ContextMiddleware) basicAuth(username string, password string) (*model.
case model.UserLocal:
user := m.auth.GetLocalUser(username)
if user == nil {
return nil, nil, fmt.Errorf("user not found locally: %s", username)
}
if user.TOTPSecret != "" {
return nil, nil, fmt.Errorf("user with totp not allowed to login via basic auth: %s", username)
}
internal/service/access_controls_rules.go
+1 -1
View File
@@ -114,7 +114,7 @@ type LDAPGroupRule struct {
}
func (rule *LDAPGroupRule) Evaluate(ctx *ACLContext) Effect {
if ctx == nil || ctx.UserContext == nil {
if ctx == nil || ctx.UserContext == nil || ctx.ACLs == nil {
return EffectAbstain
}