xTr1m/GameList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Validate admin key on register

Browse Source
This commit is contained in:
Frank Tovar
2026-01-29 01:18:34 +01:00
parent 60191a1fe3
commit c318cfd120
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Endpoints/AuthEndpoints.cs
View File

@@ -35,7 +35,13 @@ public static class AuthEndpoints
var (hash, salt) = PasswordHasher.HashPassword(request.Password);
var adminKey = EndpointHelpers.TrimTo(request.AdminKey, 128);
var expectedAdminKey = config["ADMIN_PASSWORD"];
var isAdmin = !string.IsNullOrWhiteSpace(expectedAdminKey) && adminKey == expectedAdminKey;
var wantsAdmin = !string.IsNullOrWhiteSpace(adminKey);
if (wantsAdmin)
{
if (string.IsNullOrWhiteSpace(expectedAdminKey) || adminKey != expectedAdminKey)
return Results.BadRequest(new { error = "Invalid admin key." });
}
var isAdmin = wantsAdmin;
var player = new Player
{