Skip to content

Commit

Permalink
fix: no password rehashing in case of webauthn login (#485)
Browse files Browse the repository at this point in the history
  • Loading branch information
asbiin authored Apr 8, 2024
1 parent 3e5eaa2 commit a47afc4
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions src/Auth/EloquentWebAuthnProvider.php
Original file line number Diff line number Diff line change
Expand Up @@ -84,4 +84,17 @@ public function validateCredentials(User $user, array $credentials): bool

return false;
}

/**
* Rehash the user's password if required and supported.
*/
public function rehashPasswordIfRequired(User $user, array $credentials, bool $force = false): void
{
if ($this->isSignedChallenge($credentials)) {
// We don't need to rehash the password for WebAuthn credentials.
return;
}

parent::rehashPasswordIfRequired($user, $credentials, $force);
}
}

0 comments on commit a47afc4

Please sign in to comment.