
https://github.com/openNAMU/openNAMU/issues/1988

의심되는 곳 수정
잉여개발기 (SPDV) 2 年 前
コミット
01ed1e1f44
4 ファイル変更21 行追加42 行削除
  1. 13 17
      route/login_login.py
  2. 2 6
      route/login_login_2fa.py
  3. 2 6
      route/login_login_2fa_email.py
  4. 4 13
      route/tool/func.py

+ 13 - 17
route/login_login.py

@@ -22,27 +22,23 @@ def login_login_2():
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.request.form.get('id', '')
-            user_data = {}
+            user_pw = flask.request.form.get('pw', '')
 
-            curs.execute(db_change(
-                'select name, data from user_set where id = ? and (name = "pw" or name = "encode")'
-            ), [user_id])
-            sql_data = curs.fetchall()
-            if not sql_data:
+            curs.execute(db_change("select data from user_set where id = ? and name = 'pw'"), [user_id])
+            db_data = curs.fetchall()
+            if not db_data:
                 return re_error('/error/2')
-
-            for i in sql_data:
-                user_data[i[0]] = i[1]
-
-            if len(user_data) < 2:
+            else:
+                db_user_pw = db_data[0][0]
+                
+            curs.execute(db_change("select data from user_set where id = ? and name = 'encode'"), [user_id])
+            db_data = curs.fetchall()
+            if not db_data:
                 return re_error('/error/2')
+            else:
+                db_user_encode = db_data[0][0]
 
-            if pw_check(
-                flask.request.form.get('pw', ''),
-                user_data['pw'],
-                user_data['encode'],
-                user_id
-            ) != 1:
+            if pw_check(user_pw, db_user_pw, db_user_encode, user_id) != 1:
                 if not 'login_count' in flask.session:
                     flask.session['login_count'] = 1
                 else:
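Review bot: Both not-found returns (`return re_error('/error/2')` after the `pw` query and again after the `encode` query) happen before `pw_check` is called, so a request for an unknown id does no hashing and can be told apart from a real account by response time; if the wrong-password branch, which continues outside this hunk, reports a different error code, the response itself also reveals whether the id exists. I would do the same work on the not-found path, for example `pw_check(user_pw, '', 'no')` with the result discarded, and return the same error a failed password returns. The `login_count` in the context lines lives in `flask.session`, so it is keyed to whatever session the client presents and should not be the only limit on failed logins; a per-account counter stored server-side is the usual complement.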

+ 2 - 6
route/login_login_2fa.py

@@ -25,6 +25,7 @@ def login_login_2fa_2():
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.session['login_id']
+            user_pw = flask.request.form.get('pw', '')
 
             curs.execute(db_change('select data from user_set where name = "2fa_pw" and id = ?'), [user_id])
             user_1 = curs.fetchall()
@@ -33,12 +34,7 @@ def login_login_2fa_2():
                 user_1 = user_1[0][0]
                 user_2 = curs.fetchall()[0][0]
 
-                pw_check_d = pw_check(
-                    flask.request.form.get('pw', ''),
-                    user_1,
-                    user_2,
-                    user_id
-                )
+                pw_check_d = pw_check(user_pw, user_1, user_2, user_id)
                 if pw_check_d != 1:
                     return re_error('/error/10')
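Review bot: Passing `user_id` as the fourth argument lets `pw_check` run its hash-upgrade branch, which in route/tool/func.py writes `pw_encode(data)` to the `name = 'pw'` row and the site algorithm to the `name = 'encode'` row; here `data` is the 2FA password, so a successful 2FA check whose stored algorithm differs from the site setting would replace the account's login password hash with the hash of the 2FA password. This assumes `user_2` holds the algorithm of the 2FA password, whose query is outside the hunk. Until `pw_check` can be told which rows to upgrade, calling it without the id avoids the write: `pw_check_d = pw_check(user_pw, user_1, user_2)`. The identical call in route/login_login_2fa_email.py has the same problem.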
 

+ 2 - 6
route/login_login_2fa_email.py

@@ -25,6 +25,7 @@ def login_login_2fa_email_2():
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.session['b_id']
+            user_pw = flask.request.form.get('pw', '')
 
             curs.execute(db_change('select data from user_set where name = "2fa_pw" and id = ?'), [user_id])
             user_1 = curs.fetchall()
@@ -33,12 +34,7 @@ def login_login_2fa_email_2():
                 user_1 = user_1[0][0]
                 user_2 = curs.fetchall()[0][0]
 
-                pw_check_d = pw_check(
-                    flask.request.form.get('pw', ''),
-                    user_1,
-                    user_2,
-                    user_id
-                )
+                pw_check_d = pw_check(user_pw, user_1, user_2, user_id)
                 if pw_check_d != 1:
                     return re_error('/error/10')
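Review bot: The failure path `if pw_check_d != 1: return re_error('/error/10')` returns without recording the failed attempt, whereas route/login_login.py increments `login_count` when its `pw_check` fails. Unless a limiter runs in the part of `login_login_2fa_email_2` that lies outside this hunk, the second-factor password has no visible retry limit. I would count failures here as well, preferably per account on the server side rather than only in the session; the same applies to route/login_login_2fa.py.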
 

+ 4 - 13
route/tool/func.py

@@ -899,24 +899,15 @@ def pw_check(data, data2, type_d = 'no', id_d = ''):
         curs.execute(db_change('select data from other where name = "encode"'))
         db_data = curs.fetchall()
         load_set_data = db_data[0][0] if db_data and db_data[0][0] != '' else 'sha3'
-        set_data = db_data[0][0] if db_data and db_data[0][0] != '' else 'sha3'
         
+        set_data = load_set_data
         if type_d != 'no':
-            if type_d == '':
-                set_data = 'sha3'
-            else:
-                set_data = type_d
+            set_data = 'sha3' if type_d == '' else type_d
 
         re_data = 1 if pw_encode(data, set_data) == data2 else 0
         if load_set_data != set_data and re_data == 1 and id_d != '':
-            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'pw'"), [
-                pw_encode(data), 
-                id_d
-            ])
-            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'encode'"), [
-                load_set_data, 
-                id_d
-            ])
+            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'pw'"), [pw_encode(data), id_d])
+            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'encode'"), [load_set_data, id_d])
 
         return re_data
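Review bot: `pw_encode(data, set_data) == data2` compares the computed and the stored hash with `==`, which is not a constant-time comparison; the standard replacement is `re_data = 1 if hmac.compare_digest(pw_encode(data, set_data), data2) else 0`. That needs `import hmac` at the top of func.py and assumes both values are ASCII strings such as hex digests, because `compare_digest` rejects non-ASCII `str`. `pw_check` also has no docstring visible here; one stating that it returns 1 or 0, and that a non-empty `id_d` makes it rewrite that user's `pw` and `encode` rows after a match under a non-current algorithm, would make the side effect visible to callers. The function body starts above this hunk.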