From 2f803a810560e4a95ae48ac4ff71f564beb47fab Mon Sep 17 00:00:00 2001
From: localhost_frssoft <userquicker@disroot.org>
Date: Tue, 3 Oct 2023 14:55:21 +0300
Subject: [PATCH] fix potential security issue, player can't re-enable fediauth
 without interact privilege

---
 onboard.lua | 1 +
 1 file changed, 1 insertion(+)

diff --git a/onboard.lua b/onboard.lua
index b9213a9..76b065b 100644
--- a/onboard.lua
+++ b/onboard.lua
@@ -21,6 +21,7 @@ minetest.register_chatcommand("fediauth_off", {
 
 minetest.register_chatcommand("fediauth_on", {
     description = "Enable the fediauth verification",
+    privs = { interact = true },
     func = function(name)
         local secret_b32 = fediauth.get_player_secret_b32(name)