Skip to content

Commit

Permalink
fix: Use hashed password in files_external settings
Browse files Browse the repository at this point in the history
Signed-off-by: Louis Chemineau <[email protected]>
  • Loading branch information
artonge authored and backportbot[bot] committed Sep 26, 2024
1 parent 80d5cde commit 413d36c
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
*/
class GlobalAuth extends AuthMechanism {
public const CREDENTIALS_IDENTIFIER = 'password::global';
private const PWD_PLACEHOLDER = '************************';

/** @var ICredentialsManager */
protected $credentialsManager;
Expand All @@ -59,11 +60,18 @@ public function getAuth($uid) {
'password' => ''
];
} else {
$auth['password'] = self::PWD_PLACEHOLDER;
return $auth;
}
}

public function saveAuth($uid, $user, $password) {
// Use old password if it has not changed.
if ($password === self::PWD_PLACEHOLDER) {
$auth = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER);
$password = $auth['password'];
}

$this->credentialsManager->store($uid, self::CREDENTIALS_IDENTIFIER, [
'user' => $user,
'password' => $password
Expand Down

0 comments on commit 413d36c

Please sign in to comment.