Stop if there is no encrypted token

Fix Argument 1 passed to OC\Security\Crypto::decrypt() must be of the type string, null given

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>

1 files changed, 5 insertions, 1 deletions

diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index dcdafaa408c..49f015d511d 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -194,8 +194,12 @@ class LostController extends Controller {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
 		}
 
+		$encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
+		if ($encryptedToken === null) {
+			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+		}
+
 		try {
-			$encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
 			$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
 			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
 		} catch (\Exception $e) {