mod_auth_internal_hashed: Allow creating disabled account without password
Otherwise, create_user(username, nil) leads to the account being
deleted.
--- a/plugins/mod_auth_internal_hashed.lua Thu Aug 18 16:46:07 2022 +0100
+++ b/plugins/mod_auth_internal_hashed.lua Thu Aug 18 17:50:56 2022 +0200
@@ -115,8 +115,9 @@
end
function provider.create_user(username, password)
+ local now = os.time();
if password == nil then
- return accounts:set(username, {});
+ return accounts:set(username, { created = now; updated = now; disabled = true });
end
local salt = generate_uuid();
local valid, stored_key, server_key = get_auth_db(password, salt, default_iteration_count);
@@ -125,7 +126,6 @@
end
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
- local now = os.time();
return accounts:set(username, {
stored_key = stored_key_hex, server_key = server_key_hex,
salt = salt, iteration_count = default_iteration_count,