From 3c79bdd7a06bcebb547e5a7abb7393fbede7ef0c Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Thu, 14 Apr 2016 19:00:21 +0100 Subject: [PATCH] Fix check_password rather than inverting the meaning of _check_local_password (#730) --- synapse/handlers/auth.py | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 9341cb5cfe..916632c7d7 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -428,24 +428,27 @@ class AuthHandler(BaseHandler): @defer.inlineCallbacks def _check_password(self, user_id, password): - defer.returnValue( - not ( - (yield self._check_ldap_password(user_id, password)) - or - (yield self._check_local_password(user_id, password)) - )) + """ + Returns: + True if the user_id successfully authenticated + """ + defer.returnValue(( + (yield self._check_ldap_password(user_id, password)) + or + (yield self._check_local_password(user_id, password)) + )) @defer.inlineCallbacks def _check_local_password(self, user_id, password): try: user_id, password_hash = yield self._find_user_id_and_pwd_hash(user_id) - defer.returnValue(not self.validate_hash(password, password_hash)) + defer.returnValue(self.validate_hash(password, password_hash)) except LoginError: - defer.returnValue(True) + defer.returnValue(False) @defer.inlineCallbacks def _check_ldap_password(self, user_id, password): - if self.ldap_enabled is not True: + if not self.ldap_enabled: logger.debug("LDAP not configured") defer.returnValue(False)