Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: Signup Bug #5

Closed
pantharshit007 opened this issue Jul 12, 2024 · 1 comment · Fixed by #6
Closed

bug: Signup Bug #5

pantharshit007 opened this issue Jul 12, 2024 · 1 comment · Fixed by #6
Assignees
@amitamrutiya
Labels
bug Something isn't working

Comments

@pantharshit007
Copy link

if a user tries to sign on to your website once all the credentials are in system asks for otp. Still, when I try to re-signup it says my user name already exists which suggests that even before entering OTP it already recorded my info in DB which is a hug vulnerability.

Because of this, I could log in without using any otp recommend you fix this.

Sol: Save the db once otp is verified before that don't do that (I haven't looked at your code so I don't know how you have done the db modelling).
@pantharshit007 pantharshit007 added the bug Something isn't working label Jul 12, 2024
@amitamrutiya
Copy link
Owner

Thanks, @pantharshit007, for bringing up this issue. It's genuinely appreciated. I will start working on it as soon as possible.

@amitamrutiya amitamrutiya self-assigned this Jul 13, 2024
@amitamrutiya amitamrutiya pinned this issue Jul 15, 2024
@amitamrutiya amitamrutiya mentioned this issue Jul 15, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amitamrutiya amitamrutiya

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix auth login and register issue amitamrutiya/MeetnChat
2 participants
@amitamrutiya @pantharshit007