bug #35343 [Security] Fix RememberMe with null password (jderusse)
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix RememberMe with null password
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets | NA
| License | MIT
| Doc PR | NA
From `UserInterface` the method getPassword may return null, while generateCookieHash requires a string.
This PR changes the signature of the methods to allows null password
Similar to #35335 for branch 3.4
Commits
-------
820eb357c8
Fix RememberMe with null password
This commit is contained in:
commit
6cc377ff3d
@ -92,7 +92,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
|
|||||||
* @param string $class
|
* @param string $class
|
||||||
* @param string $username The username
|
* @param string $username The username
|
||||||
* @param int $expires The Unix timestamp when the cookie expires
|
* @param int $expires The Unix timestamp when the cookie expires
|
||||||
* @param string $password The encoded password
|
* @param string|null $password The encoded password
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
@ -114,7 +114,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
|
|||||||
* @param string $class
|
* @param string $class
|
||||||
* @param string $username The username
|
* @param string $username The username
|
||||||
* @param int $expires The Unix timestamp when the cookie expires
|
* @param int $expires The Unix timestamp when the cookie expires
|
||||||
* @param string $password The encoded password
|
* @param string|null $password The encoded password
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
|
Reference in New Issue
Block a user