auth_base: choose random password if not supplied by auth module
This commit is contained in:
parent
a4fd183b58
commit
ea46d90eee
1 changed files with 3 additions and 1 deletions
|
@ -16,10 +16,12 @@ class Auth_Base {
|
|||
|
||||
// Auto-creates specified user if allowed by system configuration
|
||||
// Can be used instead of find_user_by_login() by external auth modules
|
||||
function auto_create_user($login, $password) {
|
||||
function auto_create_user($login, $password = false) {
|
||||
if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
|
||||
$user_id = $this->find_user_by_login($login);
|
||||
|
||||
if (!$password) $password = make_password();
|
||||
|
||||
if (!$user_id) {
|
||||
$login = $this->dbh->escape_string($login);
|
||||
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
|
||||
|
|
Loading…
Reference in a new issue