felixfoertsch/tildes
1
0
Fork 0
mirror of https://gitlab.com/tildes/tildes.git synced 2026-04-17 14:59:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix error from trying to log into no-password user

Browse Source 
I think someone tried to log into the special internal account named
"Tildes", which isn't possible (since it has no password), but caused a
crash.
This commit is contained in:
Deimos
2020-07-24 18:12:04 -06:00
parent 9a82f2c640
commit 6f1377fe0d
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
tildes/tildes/models/user/user.py
View File

@@ -246,6 +246,13 @@ class User(DatabaseModel):
def is_correct_password(self, password: str) -> bool:
"""Check if the password is correct for this user."""
# Some accounts have no password - the special-purpose "fake" accounts (ones
# with user_id <= 0), and it's possible to happen for a real account as well, in
# a niche case like un-deleting an account that was deleted a long time ago.
# Trying to check a password on those accounts will error, so just always fail.
if not self.password_hash:
return False
return is_match_for_hash(password, self.password_hash)
def change_password(self, old_password: str, new_password: str) -> None: