Merge branch 'fix/auth-failure' into 'dev'

Fix auth response when no credentials supplied See merge request Shinobi-Systems/Shinobi!361
2022-06-26 19:03:25 +00:00 · 2022-06-26 19:03:25 +00:00 · 8045c8fc8d
parent 4b42dd6ed4 4316a4a4d2
commit 8045c8fc8d
1 changed files with 30 additions and 32 deletions
--- a/libs/auth.js
+++ b/libs/auth.js
@ -190,39 +190,37 @@ module.exports = function(s,config,lang){
                activeSession.lang = s.copySystemDefaultLanguage()
            }
            onSuccessComplete(activeSession)
-        }else{
-            if(s.api[params.auth] && s.api[params.auth].details){
-                var activeSession = s.api[params.auth]
-                onSuccess(activeSession)
-                if(activeSession.timeout){
-                   resetActiveSessionTimer(activeSession)
-                }
-            }else{
-                if(params.username && params.username !== '' && params.password && params.password !== ''){
-                    loginWithUsernameAndPassword(params,'*',function(err,user){
-                        if(user){
-                            params.auth = user.auth
-                            createSession(user)
-                            resetActiveSessionTimer(s.api[params.auth])
-                            onSuccess(user)
-                        }else{
-                            onFail()
-                        }
-                    })
-                }else{
-                    loginWithApiKey(params,function(err,user,isSessionKey){
-                        if(isSessionKey)resetActiveSessionTimer(s.api[params.auth])
-                        if(user){
-                            createSession(user,{
-                                auth: params.auth
-                            })
-                            onSuccess(s.api[params.auth])
-                        }else{
-                            onFail()
-                        }
-                    })
-                }
+        }else if(s.api[params.auth] && s.api[params.auth].details){
+            var activeSession = s.api[params.auth]
+            onSuccess(activeSession)
+            if(activeSession.timeout){
+               resetActiveSessionTimer(activeSession)
            }
+        }else if(params.username && params.username !== '' && params.password && params.password !== ''){
+            loginWithUsernameAndPassword(params,'*',function(err,user){
+                if(user){
+                    params.auth = user.auth
+                    createSession(user)
+                    resetActiveSessionTimer(s.api[params.auth])
+                    onSuccess(user)
+                }else{
+                    onFail()
+                }
+            })
+        }else if(params.auth && params.ke){
+            loginWithApiKey(params,function(err,user,isSessionKey){
+                if(isSessionKey)resetActiveSessionTimer(s.api[params.auth])
+                if(user){
+                    createSession(user,{
+                        auth: params.auth
+                    })
+                    onSuccess(s.api[params.auth])
+                }else{
+                    onFail()
+                }
+            })
+        } else {
+            onFail()
        }
    }
    //super user authentication handler