Correctly handle NULL password hashes from the database

This commit is contained in:
Erik Johnston 2016-05-11 12:06:02 +01:00
parent ae1af262f6
commit 1400bb1663

View file

@ -615,4 +615,7 @@ class AuthHandler(BaseHandler):
Returns:
Whether self.hash(password) == stored_hash (bool).
"""
return bcrypt.hashpw(password, stored_hash) == stored_hash
if stored_hash:
return bcrypt.hashpw(password, stored_hash) == stored_hash
else:
return False