hoernschen/dendrite
1
0
Fork 0
mirror of https://github.com/hoernschen/dendrite.git synced 2025-07-31 13:22:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Stronger passwordless account checks (fixes #2780)

Browse source
This commit is contained in:
Neil Alexander 2022-10-10 10:39:29 +01:00
parent f1b8df0f49
commit 980fa55846
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
userapi/storage/shared/storage.go
View file

@ -75,6 +75,9 @@ func (d *Database) GetAccountByPassword(
if err != nil {
return nil, err
}
if hash == "" {
return nil, bcrypt.ErrHashTooShort
}
if err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(plaintextPassword)); err != nil {
return nil, err
}