Correctly handle NULL password hashes from the database

2025-05-02 10:46:06 -04:00 · 2016-05-11 12:06:02 +01:00 · 2016-05-11 12:06:02 +01:00 · 1400bb1663
commit 1400bb1663
parent ae1af262f6
1 changed files with 4 additions and 1 deletions
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -615,4 +615,7 @@ class AuthHandler(BaseHandler):
        Returns:
            Whether self.hash(password) == stored_hash (bool).
        """
-        return bcrypt.hashpw(password, stored_hash) == stored_hash
+        if stored_hash:
+            return bcrypt.hashpw(password, stored_hash) == stored_hash
+        else:
+            return False