Fix 500 error when a passwordless user creates an email session
This commit is contained in:
parent
18039f5ba1
commit
7dec6c7321
|
@ -180,7 +180,7 @@ App::post('/v1/account/sessions/email')
|
|||
Query::equal('email', [$email]),
|
||||
]);
|
||||
|
||||
if (!$profile || !Auth::passwordVerify($password, $profile->getAttribute('password'), $profile->getAttribute('hash'), $profile->getAttribute('hashOptions'))) {
|
||||
if (!$profile || empty($profile->getAttribute('passwordUpdate')) || !Auth::passwordVerify($password, $profile->getAttribute('password'), $profile->getAttribute('hash'), $profile->getAttribute('hashOptions'))) {
|
||||
throw new Exception(Exception::USER_INVALID_CREDENTIALS);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue