diff options
| author | Christopher Ng <chrng8@gmail.com> | 2024-06-27 16:58:06 -0700 |
|---|---|---|
| committer | Christopher Ng <chrng8@gmail.com> | 2024-07-08 16:31:42 -0700 |
| commit | c390ae94ff21c553fadc6645ca311eb42a46195f (patch) | |
| tree | 01ef742adc3695ea81fa9d25abc1443ef3a23816 /lib/private | |
| parent | dba00560d201755fd1bd57a0a5bf6ee6704281ed (diff) | |
| download | nextcloud-server-c390ae94ff21c553fadc6645ca311eb42a46195f.tar.gz nextcloud-server-c390ae94ff21c553fadc6645ca311eb42a46195f.zip | |
feat: Validate password hash
Signed-off-by: Christopher Ng <chrng8@gmail.com>
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/User/Database.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php index 194e998ef4f..bd6aa7ba2c2 100644 --- a/lib/private/User/Database.php +++ b/lib/private/User/Database.php @@ -8,6 +8,7 @@ declare(strict_types=1); */ namespace OC\User; +use InvalidArgumentException; use OCP\AppFramework\Db\TTransactional; use OCP\Cache\CappedMemoryCache; use OCP\EventDispatcher\IEventDispatcher; @@ -200,6 +201,9 @@ class Database extends ABackend implements } public function setPasswordHash(string $userId, string $passwordHash): bool { + if (!\OCP\Server::get(IHasher::class)->validate($passwordHash)) { + throw new InvalidArgumentException(); + } $this->fixDI(); $result = $this->updatePassword($userId, $passwordHash); if (!$result) { |