From 24e270235047d16d5c405f68ea81cb8d1f2c4dbc Mon Sep 17 00:00:00 2001
From: Milos Stojanovic <alcalbg@gmail.com>
Date: Wed, 25 May 2022 11:54:04 +0200
Subject: [PATCH] database auth adapter - session fix

---
 backend/Services/Auth/Adapters/Database.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/Services/Auth/Adapters/Database.php b/backend/Services/Auth/Adapters/Database.php
index 914cb1a..405ca95 100644
--- a/backend/Services/Auth/Adapters/Database.php
+++ b/backend/Services/Auth/Adapters/Database.php
@@ -60,7 +60,7 @@ class Database implements Service, AuthInterface
             ->fetch('SELECT * FROM users WHERE username = ?', $user->getUsername())
         ;
 
-        if ($ret && $hash == $ret->password) {
+        if ($ret && $hash == $ret->password.$ret->permissions.$ret->homedir.$ret->role) {
             return $user;
         }
 
@@ -76,7 +76,7 @@ class Database implements Service, AuthInterface
         if ($ret && $this->verifyPassword($password, $ret->password)) {
             $user = $this->mapToUserObject($ret);
             $this->store($user);
-            $this->session->set(self::SESSION_HASH, $ret->password);
+            $this->session->set(self::SESSION_HASH, $ret->password.$ret->permissions.$ret->homedir.$ret->role);
 
             return true;
         }