Frontend: Fix user password changing and use HTTP 307 for redirecting

2023-09-12 11:38:11 +02:00 · 2023-09-12 11:38:11 +02:00 · c296f53678
commit c296f53678
parent f36cd5085f
2 changed files with 2 additions and 3 deletions
--- a/frontend.pm
+++ b/frontend.pm
@ -326,7 +326,7 @@ sub redirect {
 	my $aClient = $_[0];
 	my $aLocation = $_[1];

-	my $response = getBaseResponse(301, "Moved Permanently");
+	my $response = getBaseResponse(307, "Temporary Redirect");
 	$response.="Content-Length: 0\r\n";
 	$response.="Location: $aLocation\r\n";
 	$aClient->send($response);
--- a/frontend_routes.pm
+++ b/frontend_routes.pm
@ -256,8 +256,7 @@ sub handlePath {
 		$query->execute($session->{"username"});
 		my @row = $query->fetchrow_array();
 		my $password = $row[0];
-		my $hashedPassword = Digest::SHA::sha256_hex($password);
-		if($hashedPassword ne $password) {
+		if($password ne Digest::SHA::sha256_hex($parameters{"currentPassword"})) {
 			frontend::sendBadRequest($aClient, "Wrong password");
 			return 1;
 		}