From ed3534131665a1ae1db743bb9055293bad5d67ca Mon Sep 17 00:00:00 2001
From: Project_IO
Date: Wed, 11 Sep 2024 00:36:03 +0900
Subject: [PATCH] HOTFIX: fix security issue
---
 routes/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes/auth.py b/routes/auth.py
index 7ef529b..0b5275f 100644
--- a/routes/auth.py
+++ b/routes/auth.py
@@ -10,7 +10,7 @@ def login(auth: Credential, resp: Response):
 data = service.read(auth.username)
 hashed = hash(auth.password, data.salt)
- if not data.username == auth.username and not data.password == hashed:
+ if data.username != auth.username or data.password != hashed:
 resp.status_code = 401
 return {
 "ok": 0,
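Review bot: The password check on the new `if` line still compares `data.password` with `hashed` using `!=`, which is not a constant-time comparison; prefer `if data.username != auth.username or not hmac.compare_digest(data.password, hashed):` (with `import hmac`, assuming both values are ASCII strings or bytes). Separately, `data.salt` is read on the context line above, before any check, so if `service.read` can return `None` for an unknown username (not visible here) that request would raise rather than return the 401, making unknown users distinguishable from wrong passwords. A regression test asserting that a correct username with a wrong password gets 401 would pin the behaviour this hotfix restores. `login` begins before and continues past this hunk, so the rest of its body was not reviewed.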