diff options
| author | Neil Alexander <neilalexander@users.noreply.github.com> | 2022-10-10 10:39:29 +0100 |
|---|---|---|
| committer | Neil Alexander <neilalexander@users.noreply.github.com> | 2022-10-10 10:39:29 +0100 |
| commit | 980fa55846811eeff89f116c49b38b085143c64e (patch) | |
| tree | ffa5fa485bae1fbbb27b54befecf03a43b7e8a26 /userapi/storage | |
| parent | f1b8df0f49a8a2f2c3c9c4d421b880bd2b008e08 (diff) | |
Stronger passwordless account checks (fixes #2780)
Diffstat (limited to 'userapi/storage')
| -rw-r--r-- | userapi/storage/shared/storage.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/userapi/storage/shared/storage.go b/userapi/storage/shared/storage.go index 3ff299f1..09eeedc9 100644 --- a/userapi/storage/shared/storage.go +++ b/userapi/storage/shared/storage.go @@ -75,6 +75,9 @@ func (d *Database) GetAccountByPassword( if err != nil { return nil, err } + if hash == "" { + return nil, bcrypt.ErrHashTooShort + } if err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(plaintextPassword)); err != nil { return nil, err } |