Use the cache also for UserBackend::getPassword

Signed-off-by: Joas Schilling <coding@schilljs.com>

1 files changed, 6 insertions, 17 deletions

diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index 81094d4d8af..b2018c02a3e 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -329,28 +329,16 @@ class Database extends ABackend implements
 	 * returns the user id or false
 	 */
 	public function checkPassword(string $loginName, string $password) {
-		$this->fixDI();
+		$found = $this->loadUser($loginName);
 
-		$qb = $this->dbConn->getQueryBuilder();
-		$qb->select('uid', 'password')
-			->from($this->table)
-			->where(
-				$qb->expr()->eq(
-					'uid_lower', $qb->createNamedParameter(mb_strtolower($loginName))
-				)
-			);
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-
-		if ($row) {
-			$storedHash = $row['password'];
+		if ($found && is_array($this->cache[$loginName])) {
+			$storedHash = $this->cache[$loginName]['password'];
 			$newHash = '';
 			if (\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {
 				if (!empty($newHash)) {
 					$this->updatePassword($loginName, $newHash);
 				}
-				return (string)$row['uid'];
+				return (string)$this->cache[$loginName]['uid'];
 			}
 		}
 
@@ -375,7 +363,7 @@ class Database extends ABackend implements
 			}
 
 			$qb = $this->dbConn->getQueryBuilder();
-			$qb->select('uid', 'displayname')
+			$qb->select('uid', 'displayname', 'password')
 				->from($this->table)
 				->where(
 					$qb->expr()->eq(
@@ -391,6 +379,7 @@ class Database extends ABackend implements
 				$this->cache[$uid] = [
 					'uid' => (string)$row['uid'],
 					'displayname' => (string)$row['displayname'],
+					'password' => (string)$row['password'],
 				];
 			} else {
 				$this->cache[$uid] = false;