Bug 1009017: users are unable to log in if their password needs to be
re-encrypted and their password does not match the current complexity rule r=dkl, a=glob4.4
parent
ab999b1355
commit
6262f4fba8
2
.gitrev
2
.gitrev
|
@ -1 +1 @@
|
|||
a7c6e8a56bdcac31c2620076657a8c608dd18581
|
||||
f7f5857fdb5bd06e27c0238215ecd24d9c580db8
|
|
@ -68,7 +68,9 @@ sub check_credentials {
|
|||
# whatever hashing system we're using now.
|
||||
my $current_algorithm = PASSWORD_DIGEST_ALGORITHM;
|
||||
if ($real_password_crypted !~ /{\Q$current_algorithm\E}$/) {
|
||||
$user->set_password($password);
|
||||
# We can't call $user->set_password because we don't want the password
|
||||
# complexity rules to apply here.
|
||||
$user->{cryptpassword} = bz_crypt($password);
|
||||
$user->update();
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue