hoernschen/dendrite
1
0
Fork 0
mirror of https://github.com/hoernschen/dendrite.git synced 2025-07-31 13:22:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Stronger passwordless account checks (fixes #2780)

Browse source
This commit is contained in:
Neil Alexander 2022-10-10 10:39:29 +01:00
parent f1b8df0f49
commit 980fa55846
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
userapi/internal/api.go
View file

@ -838,6 +838,8 @@ func (a *UserInternalAPI) QueryAccountByPassword(ctx context.Context, req *api.Q
return nil
case bcrypt.ErrMismatchedHashAndPassword: // user exists, but password doesn't match
return nil
case bcrypt.ErrHashTooShort: // user exists, but probably a passwordless account
return nil
default:
res.Exists = true
res.Account = acc