Genericize invalid username or password message

https://github.com/meanjs/mean/issues/133
For security reasons, the message shown to the user after an invalid login attempt should not reveal whether it was the username or the password that was incorrect. Instead, the same generic message should be displayed in both cases.
Max
2014-08-14 00:23:42 -06:00
parent 2c319c5e65
commit aeb02720f2


@@ -22,12 +22,12 @@ module.exports = function() {
}
if (!user) {
return done(null, false, {
message: 'Unknown user'
message: 'Unknown user or invalid password'
});
}
if (!user.authenticate(password)) {
return done(null, false, {
message: 'Invalid password'
message: 'Unknown user or invalid password'
});
}
@@ -35,4 +35,4 @@ module.exports = function() {
});
}
));
};
};
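Review bot: The two failure branches now return the same text, but they may still be distinguishable by timing, because the `if (!user)` branch returns before `user.authenticate(password)` is ever called. If `authenticate` computes a password hash (its body is not visible in this hunk), a missing account answers faster than a wrong password, and the generic message alone does not hide which case occurred. Consider doing comparable hashing work on the missing-user path as well. Holding the text in one constant, e.g. `var LOGIN_FAILED = 'Unknown user or invalid password';`, would keep the two literals from drifting apart in a later edit. The enclosing strategy callback starts above the hunk, so the error-handling path before `if (!user)` was not reviewed.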