fix hierarchy of authentication modules, make everything extend Auth_Base and implement hook_auth_user() for pluginhost

1 files changed, 7 insertions, 3 deletions

diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index 134d3b45e..b31a23187 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -1,5 +1,5 @@
 <?php
-class Auth_Internal extends Plugin implements IAuthModule {
+class Auth_Internal extends Auth_Base {
 
 	private $host;
 
@@ -13,7 +13,6 @@ class Auth_Internal extends Plugin implements IAuthModule {
 	/* @var PluginHost $host */
 	function init($host) {
 		$this->host = $host;
-		$this->pdo = Db::pdo();
 
 		$host->add_hook($host::HOOK_AUTH_USER, $this);
 	}
@@ -178,7 +177,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 		return false;
 	}
 
-	function check_password($owner_uid, $password) {
+	function check_password($owner_uid, $password, $service = '') {
 
 		$sth = $this->pdo->prepare("SELECT salt,login,otp_enabled FROM ttrss_users WHERE
 			id = ?");
@@ -189,6 +188,11 @@ class Auth_Internal extends Plugin implements IAuthModule {
 			$salt = $row['salt'];
 			$login = $row['login'];
 
+			// check app password only if service is specified
+			if ($service && get_schema_version() > 138) {
+				return $this->check_app_password($login, $password, $service);
+			}
+
 			if (!$salt) {
 				$password_hash1 = encrypt_password($password);
 				$password_hash2 = encrypt_password($password, $login);