fix: resolve 7 audit issues - webhook tokens, cookie security, avatar save, TUI fallback, dead code, valkey default
This commit is contained in:
+12
-5
@@ -21,16 +21,23 @@ func RunAuth(api *APIClient) (string, error) {
|
||||
email, _ := reader.ReadString('\n')
|
||||
email = strings.TrimSpace(email)
|
||||
|
||||
var password string
|
||||
|
||||
fmt.Print(" Password: ")
|
||||
pwBytes, err := term.ReadPassword(int(syscall.Stdin))
|
||||
if err != nil {
|
||||
// Fallback to plain read
|
||||
fmt.Scanln(&email)
|
||||
return "", fmt.Errorf("read password: %w", err)
|
||||
var pwLine string
|
||||
fmt.Scanln(&pwLine)
|
||||
password = strings.TrimSpace(pwLine)
|
||||
fmt.Println()
|
||||
if password == "" {
|
||||
return "", fmt.Errorf("read password: %w", err)
|
||||
}
|
||||
} else {
|
||||
fmt.Println() // newline after password
|
||||
password = strings.TrimSpace(string(pwBytes))
|
||||
}
|
||||
fmt.Println() // newline after password
|
||||
|
||||
password := strings.TrimSpace(string(pwBytes))
|
||||
|
||||
if email == "" || password == "" {
|
||||
return "", fmt.Errorf("email and password are required")
|
||||
|
||||
Reference in New Issue
Block a user