From 6b0ed684dfe2008b181b040117c1e090bd95c642 Mon Sep 17 00:00:00 2001
From: ASPP Student <student@localhost>
Date: Mon, 26 Aug 2024 14:57:11 +0300
Subject: [PATCH] prevent leaking usernames, resolves #3

---
 auth.py | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/auth.py b/auth.py
index 1559a08..9c39a66 100644
--- a/auth.py
+++ b/auth.py
@@ -38,11 +38,8 @@ if __name__ == "__main__":
         write_pwdb(pwdb, PWDB_PATH)
     else:
         username, password = get_credentials()
-        if username not in pwdb:
-            print('Wrong username!')
+        if username not in pwdb or not authenticate(username, password, pwdb):
+            print('Wrong credentials (username or password)!')
         else:
-            if authenticate(username, password, pwdb):
-                print('Successfully authenticated!')
-            else:
-                print('Wrong password!')
+            print('Successfully authenticated!')