From 1400bb1663657565be9e3051058a3af8ac02de96 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Wed, 11 May 2016 12:06:02 +0100 Subject: [PATCH] Correctly handle NULL password hashes from the database --- synapse/handlers/auth.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 61fe56032..6e7d080ec 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -615,4 +615,7 @@ class AuthHandler(BaseHandler): Returns: Whether self.hash(password) == stored_hash (bool). """ - return bcrypt.hashpw(password, stored_hash) == stored_hash + if stored_hash: + return bcrypt.hashpw(password, stored_hash) == stored_hash + else: + return False