mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-10-23 11:56:04 +02:00
Code Issues Releases Wiki Activity

Restrict new passwords to 72 characters in length

Browse Source
This commit is contained in:
Marco
2025-04-30 13:54:16 +02:00
parent 233640502c
commit 05854dad61
3 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Auth.php
View File

@@ -779,7 +779,7 @@ final class Auth extends UserManager {
*/
public function changePasswordWithoutOldPassword($newPassword) {
if ($this->isLoggedIn()) {
$newPassword = self::validatePassword($newPassword);
$newPassword = self::validatePassword($newPassword, true);
$this->updatePasswordInternal($this->getUserId(), $newPassword);
try {
@@ -1560,7 +1560,7 @@ final class Auth extends UserManager {
if ((int) $resetData['resettable'] === 1) {
if (\password_verify($token, $resetData['token'])) {
if ($resetData['expires'] >= \time()) {
$newPassword = self::validatePassword($newPassword);
$newPassword = self::validatePassword($newPassword, true);
$this->updatePasswordInternal($resetData['user'], $newPassword);
$this->forceLogoutForUserById($resetData['user']);