summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGunnar Mills <gmills@us.ibm.com>2018-05-17 12:59:49 -0500
committerBrad Bishop <bradleyb@fuzziesquirrel.com>2018-05-23 18:43:10 +0000
commit57068618982edec6ad3a4be9117766aec525629f (patch)
treec615984628ad633822b18c510a6f6edfa9857bf7
parent5c518f63d7a169326b572cfa5886b15a6876f4f1 (diff)
downloadphosphor-rest-server-57068618982edec6ad3a4be9117766aec525629f.zip
phosphor-rest-server-57068618982edec6ad3a4be9117766aec525629f.tar.gz
Don't check for credentials on the login API
The web server should not be checking for credentials on the login API. This allows the GUI to check the old password on a password change. Resolves openbmc/openbmc#3190 Tested: Verfied login still works and tested changing the user password from the GUI. Change-Id: I7c3570d50c011a0327a34f09b447dec5ca42cb9f Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
-rw-r--r--module/obmc/wsgi/apps/rest_dbus.py4
1 files changed, 0 insertions, 4 deletions
diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py
index 3eac4f4..2d98817 100644
--- a/module/obmc/wsgi/apps/rest_dbus.py
+++ b/module/obmc/wsgi/apps/rest_dbus.py
@@ -687,10 +687,6 @@ class SessionHandler(MethodHandler):
return self.no_user_str
def do_login(self, **kw):
- session = self.get_session_from_cookie()
- if session is not None:
- return self.login_str % (session['user'], 'in')
-
if len(request.parameter_list) != 2:
abort(400, self.bad_json_str % (request.json))
OpenPOWER on IntegriCloud