Commit 6f1377fe authored by Deimos's avatar Deimos

Fix error from trying to log into no-password user

I think someone tried to log into the special internal account named
"Tildes", which isn't possible (since it has no password), but caused a
crash.
parent 9a82f2c6
......@@ -246,6 +246,13 @@ class User(DatabaseModel):
def is_correct_password(self, password: str) -> bool:
"""Check if the password is correct for this user."""
# Some accounts have no password - the special-purpose "fake" accounts (ones
# with user_id <= 0), and it's possible to happen for a real account as well, in
# a niche case like un-deleting an account that was deleted a long time ago.
# Trying to check a password on those accounts will error, so just always fail.
if not self.password_hash:
return False
return is_match_for_hash(password, self.password_hash)
def change_password(self, old_password: str, new_password: str) -> None:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment