From 51d2deeea911e84ea2e56b78544445de22f881b9 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Mon, 8 Feb 2021 19:11:31 +0300
Subject: fix hierarchy of authentication modules, make everything extend
 Auth_Base and implement hook_auth_user() for pluginhost

---
 plugins/auth_internal/init.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'plugins/auth_internal/init.php')

diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index 134d3b45e..b31a23187 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -1,5 +1,5 @@
 <?php
-class Auth_Internal extends Plugin implements IAuthModule {
+class Auth_Internal extends Auth_Base {
 
 	private $host;
 
@@ -13,7 +13,6 @@ class Auth_Internal extends Plugin implements IAuthModule {
 	/* @var PluginHost $host */
 	function init($host) {
 		$this->host = $host;
-		$this->pdo = Db::pdo();
 
 		$host->add_hook($host::HOOK_AUTH_USER, $this);
 	}
@@ -178,7 +177,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 		return false;
 	}
 
-	function check_password($owner_uid, $password) {
+	function check_password($owner_uid, $password, $service = '') {
 
 		$sth = $this->pdo->prepare("SELECT salt,login,otp_enabled FROM ttrss_users WHERE
 			id = ?");
@@ -189,6 +188,11 @@ class Auth_Internal extends Plugin implements IAuthModule {
 			$salt = $row['salt'];
 			$login = $row['login'];
 
+			// check app password only if service is specified
+			if ($service && get_schema_version() > 138) {
+				return $this->check_app_password($login, $password, $service);
+			}
+
 			if (!$salt) {
 				$password_hash1 = encrypt_password($password);
 				$password_hash2 = encrypt_password($password, $login);
-- 
cgit v1.2.3