barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-05-25 05:30:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: potential nil pointer dereferences (#893)

Browse Source
This commit is contained in:
Scott McKendry
2026-05-25 02:23:48 +12:00
committed by GitHub
parent 2737a25227
commit e532cde2b6
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/context_middleware.go
+4
View File
@@ -251,6 +251,10 @@ func (m *ContextMiddleware) basicAuth(username string, password string) (*model.
case model.UserLocal: case model.UserLocal:
user := m.auth.GetLocalUser(username) user := m.auth.GetLocalUser(username)
if user == nil {
return nil, nil, fmt.Errorf("user not found locally: %s", username)
}
if user.TOTPSecret != "" { if user.TOTPSecret != "" {
return nil, nil, fmt.Errorf("user with totp not allowed to login via basic auth: %s", username) return nil, nil, fmt.Errorf("user with totp not allowed to login via basic auth: %s", username)
} }
internal/service/access_controls_rules.go
+1 -1
View File
@@ -114,7 +114,7 @@ type LDAPGroupRule struct {
} }
func (rule *LDAPGroupRule) Evaluate(ctx *ACLContext) Effect { func (rule *LDAPGroupRule) Evaluate(ctx *ACLContext) Effect {
if ctx == nil || ctx.UserContext == nil { if ctx == nil || ctx.UserContext == nil || ctx.ACLs == nil {
return EffectAbstain return EffectAbstain
} }