Handle nil values correctly in User.authenticateUser

2019-11-11 11:07:52 +01:00 · 2019-11-11 11:07:52 +01:00 · 1d9856ff93
commit 1d9856ff93
parent 241d504a76
2 changed files with 7 additions and 1 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -203,7 +203,7 @@ class User < ApplicationRecord

  def self.authenticate(login, password)
    user = find_by_nick(login) || find_by_email(login)
-    if user && user.has_password(password)
+    if user && password && user.has_password(password)
      user
    else
      nil