Prevent logins with no password

3 years ago · 632ce663ee
parent 8c8c1b2015
commit 632ce663ee
1 changed files with 2 additions and 0 deletions
--- a/core/admin/mailu/models.py
+++ b/core/admin/mailu/models.py
@ -562,6 +562,8 @@ class User(Base, Email):
        """ verifies password against stored hash
            and updates hash if outdated
        """
+        if password == '':
+            return False
        cache_result = self._credential_cache.get(self.get_id())
        current_salt = self.password.split('$')[3] if len(self.password.split('$')) == 5 else None
        if cache_result and current_salt: