More Let's Encrypt changes.

2025-03-09 15:40:18 +00:00 · 2019-11-18 14:17:27 -08:00 · 2019-11-18 14:17:27 -08:00 · dfbd933dc7
commit dfbd933dc7
parent bdbc755c35
3 changed files with 96 additions and 38 deletions
--- a/webserver.js
+++ b/webserver.js
@ -687,15 +687,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                // Login failed, wait a random delay
                setTimeout(function () {
                    // If the account is locked, display that.
-                    var xuserid = 'user/' + domain.id + '/' + xusername.toLowerCase();
-                    if (err == 'locked') {
-                        parent.debug('web', 'handleLoginRequest: login failed, locked account');
-                        req.session.messageid = 110; // Account locked.
-                        obj.parent.DispatchEvent(['*', 'server-users', xuserid], obj, { action: 'authfail', userid: xuserid, username: xusername, domain: domain.id, msg: 'User login attempt on locked account from ' + cleanRemoteAddr(req.ip) });
-                    } else {
-                        parent.debug('web', 'handleLoginRequest: login failed, bad username and password');
-                        req.session.messageid = 112; // Login failed, check username and password.
-                        obj.parent.DispatchEvent(['*', 'server-users', xuserid], obj, { action: 'authfail', userid: xuserid, username: xusername, domain: domain.id, msg: 'Invalid user login attempt from ' + cleanRemoteAddr(req.ip) });
+                    if (typeof xusername == 'string') {
+                        var xuserid = 'user/' + domain.id + '/' + xusername.toLowerCase();
+                        if (err == 'locked') {
+                            parent.debug('web', 'handleLoginRequest: login failed, locked account');
+                            req.session.messageid = 110; // Account locked.
+                            obj.parent.DispatchEvent(['*', 'server-users', xuserid], obj, { action: 'authfail', userid: xuserid, username: xusername, domain: domain.id, msg: 'User login attempt on locked account from ' + cleanRemoteAddr(req.ip) });
+                        } else {
+                            parent.debug('web', 'handleLoginRequest: login failed, bad username and password');
+                            req.session.messageid = 112; // Login failed, check username and password.
+                            obj.parent.DispatchEvent(['*', 'server-users', xuserid], obj, { action: 'authfail', userid: xuserid, username: xusername, domain: domain.id, msg: 'Invalid user login attempt from ' + cleanRemoteAddr(req.ip) });
+                        }
                    }

                    // Clean up login mode and display password hint if present.