+ return $user['uid'];
+ }
+ } elseif (!empty($user['legacy_password'])) {
+ //Legacy hash that has been double-hashed and not replaced by a new hash yet
+ //Warning: `legacy_password` is not necessary in sync with the content of `password`
+ if (password_verify(self::hashPasswordLegacy($password), $user['password'])) {
+ self::updatePassword($user['uid'], $password);
+