search

pactus-project / pactus

Pactus blockchain
https://pactus.org
MIT License
126 stars 137 forks source link

Should return error if gRPC has no password, but calls with username and password #1376

Open b00f opened 2 weeks ago

b00f commented 2 weeks ago

Description

If basic_auth for gRPC is not set, calling any method with a password works, such as:

./build/pactus-shell blockchain get-blockchain-info --auth-username foo --auth-password bar

It should warn the user that no password is set.

How To Reproduce

Create a localnet or connect to testnet, and call any gRPC API with basic auth credentials.

What Happened

The API call succeeds, even though it should not.

b00f commented 1 week ago

It is still not fixed. Run node with out basic_auth and then run this command:

./build/pactus-shell blockchain get-blockchain-info --auth-username foo --auth-password bar