Use User::updatePasswordHashed directly when re-hashing a password

diff --git a/src/Model/User.php b/src/Model/User.php
index c71ae475e9699499af33637b69ff4ada45930eca..f24a0a2986cebb2fe7abf077560890e346f3de0e 100644 (file)
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -192,7 +192,7 @@ class User
                if (strpos($user['password'], '$') === false) {
                        //Legacy hash that has not been replaced by a new hash yet
                        if (self::hashPasswordLegacy($password) === $user['password']) {
-                               self::updatePassword($user['uid'], $password);
+                               self::updatePasswordHashed($user['uid'], self::hashPassword($password));
 
                                return $user['uid'];
                        }
@@ -200,14 +200,14 @@ class User
                        //Legacy hash that has been double-hashed and not replaced by a new hash yet
                        //Warning: `legacy_password` is not necessary in sync with the content of `password`
                        if (password_verify(self::hashPasswordLegacy($password), $user['password'])) {
-                               self::updatePassword($user['uid'], $password);
+                               self::updatePasswordHashed($user['uid'], self::hashPassword($password));
 
                                return $user['uid'];
                        }
                } elseif (password_verify($password, $user['password'])) {
                        //New password hash
                        if (password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
-                               self::updatePassword($user['uid'], $password);
+                               self::updatePasswordHashed($user['uid'], self::hashPassword($password));
                        }
 
                        return $user['uid'];