diff options
author | Daniel GarcĂa <[email protected]> | 2024-11-15 11:26:06 +0100 |
---|---|---|
committer | GitHub <[email protected]> | 2024-11-15 11:26:06 +0100 |
commit | 548db625615175df8030968212dae617fb20e969 (patch) | |
tree | 8f9ce3878429eafb3890adbe053e948cc07c84c4 /src/api/identity.rs | |
parent | f819e6c728dcbf9a3a27fb603c76e8ea7697953d (diff) | |
parent | 0d16b38a68c702e7f300a64f9e55d897916ae238 (diff) | |
download | vaultwarden-ssh_keys.tar.gz vaultwarden-ssh_keys.zip |
Merge branch 'main' into ssh_keysssh_keys
Diffstat (limited to 'src/api/identity.rs')
-rw-r--r-- | src/api/identity.rs | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/api/identity.rs b/src/api/identity.rs index f2618164..445d61fd 100644 --- a/src/api/identity.rs +++ b/src/api/identity.rs @@ -190,8 +190,12 @@ async fn _password_login( ) }; + let expiration_time = auth_request.creation_date + chrono::Duration::minutes(5); + let request_expired = Utc::now().naive_utc() >= expiration_time; + if auth_request.user_uuid != user.uuid || !auth_request.approved.unwrap_or(false) + || request_expired || ip.ip.to_string() != auth_request.request_ip || !auth_request.check_access_code(password) { |