From 59c06628740bcc672b28d35d9ac6fb1832bfe222 Mon Sep 17 00:00:00 2001 From: Thaddee Tyl Date: Sat, 11 Nov 2017 10:27:24 +0100 Subject: [PATCH] Fix bug saving GitHub tokens from other servers This fixes a bug introduced in 076cb14, wherein we discarded tokens received from other servers, and wherein we could save tokens with invalid identification. The bug was raised by Paul Melnikow. --- lib/github-auth.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/github-auth.js b/lib/github-auth.js index 642f3ae785..a6f6ddd252 100644 --- a/lib/github-auth.js +++ b/lib/github-auth.js @@ -104,9 +104,9 @@ function setRoutes(server) { }); server.route(/^\/github-auth\/add-token$/, function(data, match, end, ask) { - if (constEq(data.shieldsSecret, serverSecrets.shieldsSecret)) { - // An unknown entity tries to connect. Let the connection linger for a minute. - return setTimeout(function() { end('Invalid secret.'); }, 60000); + if (!constEq(data.shieldsSecret, serverSecrets.shieldsSecret)) { + // An unknown entity tries to connect. Let the connection linger for 10s. + return setTimeout(function() { end('Invalid secret.'); }, 10000); } addGithubToken(data.token); end('Thanks!');