-
- Downloads
fix: CSRF vulnerability (#44)
* fix: CSRF vulnerability * Use jwtKey (256 bytes random string) as JWT Signature Private Key * Delete add Add admin's tenant & user when initializing Backend fix linter * fix: exposed password in UserModal * add confirmPassword in UserModal * use crypto/rand instead of math/rand * Use http.StatusUnauthorized instead of http.StatusNotFound when CheckAuth failed. * add InitJwtKey()
Showing
- backend/WebUI/api_webui.go 99 additions, 33 deletionsbackend/WebUI/api_webui.go
- backend/webui_service/webui_init.go 5 additions, 0 deletionsbackend/webui_service/webui_init.go
- frontend/package.json 1 addition, 1 deletionfrontend/package.json
- frontend/src/components/SideBar/Nav.js 1 addition, 1 deletionfrontend/src/components/SideBar/Nav.js
- frontend/src/metadata/index.js 13 additions, 1 deletionfrontend/src/metadata/index.js
- frontend/src/pages/Auth/Login.js 1 addition, 1 deletionfrontend/src/pages/Auth/Login.js
- frontend/src/pages/Users/components/UserModal.js 17 additions, 6 deletionsfrontend/src/pages/Users/components/UserModal.js
- frontend/src/util/AuthHelper.js 10 additions, 14 deletionsfrontend/src/util/AuthHelper.js
- frontend/yarn.lock 1898 additions, 2287 deletionsfrontend/yarn.lock
Loading
Please register or sign in to comment