verify the PIN input against the hashed PIN

This commit is contained in:
Alfred Kamanda 2025-01-02 13:49:57 +03:00
parent d95c7abea4
commit 99a4d3ff42
Signed by untrusted user: Alfred-mk
GPG Key ID: 7EA3D01708908703

View File

@ -725,7 +725,7 @@ func (h *Handlers) Authorize(ctx context.Context, sym string, input []byte) (res
return res, err return res, err
} }
if len(input) == 4 { if len(input) == 4 {
if bytes.Equal(input, AccountPin) { if common.VerifyPIN(string(AccountPin), string(input)) {
if h.st.MatchFlag(flag_account_authorized, false) { if h.st.MatchFlag(flag_account_authorized, false) {
res.FlagReset = append(res.FlagReset, flag_incorrect_pin) res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized) res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
@ -1403,7 +1403,6 @@ func (h *Handlers) GetCurrentProfileInfo(ctx context.Context, sym string, input
defaultValue = "Not Provided" defaultValue = "Not Provided"
} }
sm, _ := h.st.Where() sm, _ := h.st.Where()
parts := strings.SplitN(sm, "_", 2) parts := strings.SplitN(sm, "_", 2)
filename := parts[1] filename := parts[1]