From b6fd5550387b5146d13d336082b1275f72b724d0 Mon Sep 17 00:00:00 2001
From: ed <s@ocv.me>
Date: Fri, 5 May 2023 20:24:24 +0000
Subject: [PATCH] panic if two accounts have the same password

---
 copyparty/authsrv.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/copyparty/authsrv.py b/copyparty/authsrv.py
index 4c92ef56..12b7c688 100644
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@@ -1178,6 +1178,14 @@ class AuthSrv(object):
         if LEELOO_DALLAS in all_users:
             raise Exception("sorry, reserved username: " + LEELOO_DALLAS)
 
+        seenpwds = {}
+        for usr, pwd in acct.items():
+            if pwd in seenpwds:
+                t = "accounts [{}] and [{}] have the same password; this is not supported"
+                self.log(t.format(seenpwds[pwd], usr), 1)
+                raise Exception("invalid config")
+            seenpwds[pwd] = usr
+
         promote = []
         demote = []
         for vol in vfs.all_vols.values():