Rooba
/
tacticalrmm
mirror of https://github.com/amidaware/tacticalrmm.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update views.py 

Added 404 replies if User doesn't exist
This commit is contained in:
sadnub 2020-08-20 09:08:41 -06:00 committed by GitHub
parent 68c9a31f46
commit c316652128
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/tacticalrmm/accounts/views.py
View File

@ -25,7 +25,7 @@ class CheckCreds(KnoxLoginView):
serializer = AuthTokenSerializer(data=request.data) serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True) serializer.is_valid(raise_exception=True)
user = User.objects.get(username=request.data["username"]) user = get_object_or_404(User, username=request.data["username"])
if not user.totp_key: if not user.totp_key:
return Response("totp not set") return Response("totp not set")
@ -99,7 +99,7 @@ class GetUpdateDeleteUser(APIView):
return Response("ok") return Response("ok")
def delete(self, request, pk): def delete(self, request, pk):
User.objects.get(pk=pk).delete() get_object_or_404(User, pk=pk).delete()
return Response("ok") return Response("ok")
@ -109,7 +109,7 @@ class UserActions(APIView):
# reset password # reset password
def post(self, request): def post(self, request):
user = User.objects.get(pk=request.data["id"]) user = get_object_or_404(User, pk=request.data["id"])
user.set_password(request.data["password"]) user.set_password(request.data["password"])
user.save() user.save()
@ -118,7 +118,7 @@ class UserActions(APIView):
# reset two factor token # reset two factor token
def put(self, request): def put(self, request):
user = User.objects.get(pk=request.data["id"]) user = get_object_or_404(User, pk=request.data["id"])
user.totp_key = "" user.totp_key = ""
user.save() user.save()