Merge pull request #555 from ryancyq/bugfix/token-auth-filter-password

maliming · web-flow · commit 26dab0a974d6 · 2020-09-06T10:45:38.000+08:00
Ensure password is not audited during token authentication
diff --git a/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Core/Models/TokenAuth/AuthenticateModel.cs b/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Core/Models/TokenAuth/AuthenticateModel.cs
@@ -1,4 +1,5 @@
 ﻿using System.ComponentModel.DataAnnotations;
+using Abp.Auditing;
 using Abp.Authorization.Users;
 
 namespace AbpCompanyName.AbpProjectName.Models.TokenAuth
@@ -11,8 +12,9 @@ public class AuthenticateModel
 
         [Required]
         [StringLength(AbpUserBase.MaxPlainPasswordLength)]
+        [DisableAuditing]
         public string Password { get; set; }
-        
+
         public bool RememberClient { get; set; }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`using System.ComponentModel.DataAnnotations;`
	`2`	`+using Abp.Auditing;`
`2`	`3`	`using Abp.Authorization.Users;`
`3`	`4`
`4`	`5`	`namespace AbpCompanyName.AbpProjectName.Models.TokenAuth`
`@@ -11,8 +12,9 @@ public class AuthenticateModel`
`11`	`12`
`12`	`13`	`[Required]`
`13`	`14`	`[StringLength(AbpUserBase.MaxPlainPasswordLength)]`
	`15`	`+ [DisableAuditing]`
`14`	`16`	`public string Password { get; set; }`
`15`		`-`
	`17`	`+`
`16`	`18`	`public bool RememberClient { get; set; }`
`17`	`19`	`}`
`18`	`20`	`}`