fix: verify the response, not the challenge
This commit is contained in:
parent
bc5957f881
commit
6c34b383d7
|
@ -297,7 +297,7 @@ func (h *HttpHandler) AccountRegister(jc jape.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if !ed25519.Verify(decodedKey[1:], decodedChallenge, decodedSignature) {
|
||||
if !ed25519.Verify(decodedKey[1:], decodedResponse, decodedSignature) {
|
||||
errored(errInvalidSignatureErr)
|
||||
return
|
||||
}
|
||||
|
@ -470,7 +470,7 @@ func (h *HttpHandler) AccountLogin(jc jape.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if !ed25519.Verify(decodedKey[1:], decodedChallenge, decodedSignature) {
|
||||
if !ed25519.Verify(decodedKey[1:], decodedResponse, decodedSignature) {
|
||||
errored(errInvalidSignatureErr)
|
||||
return
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue