Skip to content

Commit 4c92ce8

Browse files
stevebaumanstevebauman
authored
Merge pull request #647 from DirectoryTree/BUG-645
Don't rehash passwords if password column is false
2 parents 42a3563 + b1ad38a commit 4c92ce8

File tree

2 files changed

+16
-1
lines changed

2 files changed

+16
-1
lines changed

src/Auth/DatabaseUserProvider.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -206,6 +206,8 @@ public function validateCredentials(Authenticatable $user, array $credentials):
206206
*/
207207
public function rehashPasswordIfRequired(Authenticatable $user, array $credentials, bool $force = false): void
208208
{
209-
$this->eloquent->rehashPasswordIfRequired($user, $credentials, $force);
209+
if (($this->synchronizer->getConfig()['password_column'] ?? 'password') !== false) {
210+
$this->eloquent->rehashPasswordIfRequired($user, $credentials, $force);
211+
}
210212
}
211213
}

tests/Feature/DatabaseUserProviderTest.php

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -159,4 +159,17 @@ public function test_failing_loudly_throws_exception_when_resolving_users()
159159

160160
$provider->retrieveByCredentials([]);
161161
}
162+
163+
public function test_rehash_password_if_required_does_nothing_when_password_column_disabled()
164+
{
165+
$synchronizer = new UserSynchronizer(TestUserModelStub::class, [
166+
'password_column' => false,
167+
]);
168+
169+
$provider = $this->createDatabaseUserProvider(synchronizer: $synchronizer);
170+
171+
$provider->rehashPasswordIfRequired($model = new TestUserModelStub, ['password' => 'secret']);
172+
173+
$this->assertNull($model->password);
174+
}
162175
}

0 commit comments

Comments
 (0)