diff options
| author | Tobias Bengfort <tobias.bengfort@posteo.de> | 2025-01-07 12:16:10 +0100 |
|---|---|---|
| committer | Tobias Bengfort <tobias.bengfort@posteo.de> | 2025-01-07 15:13:28 +0100 |
| commit | 527ad715b3b74fada32ec52d7db096c5f65d57e5 (patch) | |
| tree | 2217e14d964d3cadfe8c9ee483f2a0a40b25ee90 /inc | |
| parent | fc09308ded8783eb2efdc4f95327c48c677fa7c7 (diff) | |
| download | dokuwiki-527ad715b3b74fada32ec52d7db096c5f65d57e5.tar.gz dokuwiki-527ad715b3b74fada32ec52d7db096c5f65d57e5.zip | |
allow to set unusable password
This could be used by plugins such as dokuwiki-plugin-oauth to create
accounts that can only by accessed via SSO.
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/auth.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/inc/auth.php b/inc/auth.php index 51797e934..166e6b9b3 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -22,6 +22,8 @@ use phpseclib3\Crypt\AES; use phpseclib3\Crypt\Common\SymmetricKey; use phpseclib3\Exception\BadDecryptionException; +const UNUSABLE_PASSWORD = '!unusable'; + /** * Initialize the auth system. * @@ -1329,6 +1331,11 @@ function act_resendpwd() function auth_cryptPassword($clear, $method = '', $salt = null) { global $conf; + + if ($clear === null) { + return UNUSABLE_PASSWORD; + } + if (empty($method)) $method = $conf['passcrypt']; $pass = new PassHash(); @@ -1354,6 +1361,10 @@ function auth_cryptPassword($clear, $method = '', $salt = null) */ function auth_verifyPassword($clear, $crypt) { + if ($crypt === UNUSABLE_PASSWORD) { + return false; + } + $pass = new PassHash(); return $pass->verify_hash($clear, $crypt); } |