summaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/Token/PublicKeyTokenProvider.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/Authentication/Token/PublicKeyTokenProvider.php')
-rw-r--r--lib/private/Authentication/Token/PublicKeyTokenProvider.php5
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index 651540f934a..adac86dd073 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -450,13 +450,14 @@ class PublicKeyTokenProvider implements IProvider {
$passwordHash = $this->hashPassword($password);
$verifiedHashes = [];
foreach ($tokens as $t) {
- if ($t->getPasswordHash() === null || isset($verifiedHashes[$t->getPasswordHash()]) || $this->hasher->verify(sha1($password) . $password, $t->getPasswordHash())) {
- $verifiedHashes[$t->getPasswordHash() ?: ''] = true;
+ if ($t->getPasswordHash() === null || !isset($verifiedHashes[$t->getPasswordHash()]) || !$this->hasher->verify(sha1($password) . $password, $t->getPasswordHash())) {
$publicKey = $t->getPublicKey();
$t->setPassword($this->encryptPassword($password, $publicKey));
$t->setPasswordHash($passwordHash);
$t->setPasswordInvalid(false);
$this->updateToken($t);
+ } else {
+ $verifiedHashes[$t->getPasswordHash() ?: ''] = true;
}
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-01 15:59:29 +0000