Peerplays_Blockchain/peerplays_migrated
1
0
Fork 0
Code Issues 35 Pull requests 4 Projects Releases 20 Packages Wiki Activity Actions

Revert "cli_wallet: Implement HTTP header for wallet unlocking"

Browse source 
This reverts commit 8db1b930f3.
Since cli_wallet itself makes no effort to be stateless, we
can simply unlock in a separate call.  Removing the ability
to use the header to unlock reduces the potential for user
confusion about whether the HTTP API provides security
(it does not).
This commit is contained in:
theoreticalbts 2015-06-30 03:06:59 -04:00
parent 8db1b930f3
commit 417f869dea
1 changed files with 0 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
programs/cli_wallet/main.cpp
View file

@ -210,35 +210,6 @@ int main( int argc, char** argv )
std::shared_ptr< fc::rpc::http_api_connection > conn =
std::make_shared< fc::rpc::http_api_connection>();
conn->register_api( wapi );
// allow unlocking with password in HTTP header
std::string unlock_password = req.get_header( "Graphene-Wallet-Password" );
if( unlock_password != "" )
{
fc::optional< std::string > unlock_error;
fc::rpc::request unlock_request;
fc::variants args;
args.push_back( unlock_password );
unlock_request.method = "unlock";
unlock_request.params = args;
try
{
conn->_rpc_state.local_call( unlock_request.method, unlock_request.params );
}
catch ( const fc::exception& e )
{
unlock_error = fc::json::to_string( fc::rpc::response( *unlock_request.id,
fc::rpc::error_object{ 1, e.to_detail_string(), fc::variant(e)} ) );
}
if( unlock_error.valid() )
{
// FC's IO framework doesn't allow write() in exception handler
resp.set_status( fc::http::reply::InternalServerError );
resp.set_length( unlock_error->length() );
resp.write( unlock_error->c_str(), unlock_error->length() );
return;
}
}
conn->on_request( req, resp );
} );
}