prevent leaking usernames, resolves #3

2024-08-26 14:57:11 +03:00 · 2024-08-26 14:57:11 +03:00 · 6b0ed684df
parent b42ef06d91
commit 6b0ed684df
1 changed files with 3 additions and 6 deletions
--- a/auth.py
+++ b/auth.py
@ -38,11 +38,8 @@ if __name__ == "__main__":
        write_pwdb(pwdb, PWDB_PATH)
    else:
        username, password = get_credentials()
-        if username not in pwdb:
-            print('Wrong username!')
+        if username not in pwdb or not authenticate(username, password, pwdb):
+            print('Wrong credentials (username or password)!')
        else:
-            if authenticate(username, password, pwdb):
            print('Successfully authenticated!')
-            else:
-                print('Wrong password!')