Fix check_password rather than inverting the meaning of _check_local_password (#730)
1 files changed, 12 insertions, 9 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 9341cb5cfe..916632c7d7 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -428,24 +428,27 @@ class AuthHandler(BaseHandler):
@defer.inlineCallbacks
def _check_password(self, user_id, password):
- defer.returnValue(
- not (
- (yield self._check_ldap_password(user_id, password))
- or
- (yield self._check_local_password(user_id, password))
- ))
+ """
+ Returns:
+ True if the user_id successfully authenticated
+ """
+ defer.returnValue((
+ (yield self._check_ldap_password(user_id, password))
+ or
+ (yield self._check_local_password(user_id, password))
+ ))
@defer.inlineCallbacks
def _check_local_password(self, user_id, password):
try:
user_id, password_hash = yield self._find_user_id_and_pwd_hash(user_id)
- defer.returnValue(not self.validate_hash(password, password_hash))
+ defer.returnValue(self.validate_hash(password, password_hash))
except LoginError:
- defer.returnValue(True)
+ defer.returnValue(False)
@defer.inlineCallbacks
def _check_ldap_password(self, user_id, password):
- if self.ldap_enabled is not True:
+ if not self.ldap_enabled:
logger.debug("LDAP not configured")
defer.returnValue(False)
|
