Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Check the role slug in Api.php
  • Loading branch information
alextselegidis committed May 9, 2022
1 parent f0e976c commit 63dbb51
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion application/libraries/Api.php
Expand Up @@ -77,7 +77,9 @@ public function auth()

$password = $_SERVER['PHP_AUTH_PW'];

if ( ! $this->CI->accounts->check_login($username, $password))
$userdata = $this->CI->accounts->check_login($username, $password);

if (empty($userdata['role_slug']) || $userdata['role_slug'] !== DB_SLUG_ADMIN)
{
throw new RuntimeException('The provided credentials do not match any admin user!', 401, 'Unauthorized');
}
Expand Down

0 comments on commit 63dbb51

Please sign in to comment.