feat: clear manually-entered deSEC password after successful login

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/902f3119-a4ee-4fa5-8865-510513cc4046

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
copilot-swe-agent[bot]
2026-04-25 16:35:22 +00:00
committed by GitHub
parent f0fb065dc2
commit 5343353bb5


@@ -54,8 +54,9 @@ class DesecManager {
if ($validatedPassword !== '') {
// The user supplied their existing deSEC password — log in instead of registering.
// Store an empty password: the token is all we need; the user's password must not be persisted.
$token = $this->loginAccount($validatedEmail, $validatedPassword);
$this->saveAccountCredentials($token, $validatedPassword, $validatedEmail);
$this->saveAccountCredentials($token, '', $validatedEmail);
} else {
// 24 random bytes → 48-char hex password; satisfies deSEC's minimum length
// and lets the user log in at desec.io if they ever need to.