From eb0aa33ab6824683881ab3d1207e45472cc4d5c7 Mon Sep 17 00:00:00 2001 From: Louis Chemineau Date: Tue, 24 Sep 2024 16:20:04 +0200 Subject: [PATCH] fix: Use hashed password in files_external settings Signed-off-by: Louis Chemineau --- apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php b/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php index dff5bf8662533..99fb03007ea86 100644 --- a/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php +++ b/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php @@ -37,6 +37,7 @@ */ class GlobalAuth extends AuthMechanism { public const CREDENTIALS_IDENTIFIER = 'password::global'; + private const PWD_PLACEHOLDER = '************************'; /** @var ICredentialsManager */ protected $credentialsManager; @@ -59,11 +60,18 @@ public function getAuth($uid) { 'password' => '' ]; } else { + $auth['password'] = self::PWD_PLACEHOLDER; return $auth; } } public function saveAuth($uid, $user, $password) { + // Use old password if it has not changed. + if ($password === self::PWD_PLACEHOLDER) { + $auth = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER); + $password = $auth['password']; + } + $this->credentialsManager->store($uid, self::CREDENTIALS_IDENTIFIER, [ 'user' => $user, 'password' => $password