Merge pull request 'fix: vérification du mdp en cas de mdp non défini' (#37) from issue-mse-3699 into develop
Cadoles/hydra-sql/pipeline/head This commit is unstable Details

Reviewed-on: #37
Reviewed-by: Matthieu Lamalle <mlamalle@cadoles.com>
This commit is contained in:
Matthieu Lamalle 2024-06-06 13:43:13 +02:00
commit 769e7ed59e
1 changed files with 4 additions and 2 deletions

View File

@ -84,9 +84,11 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
$request->getSession()->set(self::ERROR_LOGIN, true); $request->getSession()->set(self::ERROR_LOGIN, true);
throw new AuthenticationException(); throw new AuthenticationException();
} }
if (!$remoteHashedPassword) {
throw new Exception('Erreur inconnue'); if (null === $remoteHashedPassword) {
$remoteHashedPassword = "";
} }
try { try {
// Comparaison remote hash et hash du input password + salt // Comparaison remote hash et hash du input password + salt
$this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt); $this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt);