From 360e2e6342499cc2fc071cc8a8c1729ca3cd3460 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sun, 15 Apr 2018 11:12:32 +0200
Subject: [PATCH] Revert removal of legacy_password column

https://github.com/friendica/friendica/pull/4782#issuecomment-380978218
---
 src/Model/User.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/Model/User.php b/src/Model/User.php
index d66c73d7eb..2621897f4e 100644
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -128,12 +128,22 @@ class User
 		$user = self::getAuthenticationInfo($user_info);
 
 		if (strpos($user['password'], '$') === false) {
+			//Legacy hash that has not been replaced by a new hash yet
 			if (self::hashPasswordLegacy($password) === $user['password']) {
 				self::updatePassword($user['uid'], $password);
 
+				return $user['uid'];
+			}
+		} elseif (!empty($user['legacy_password'])) {
+			//Legacy hash that has been double-hashed and not replaced by a new hash yet
+			//Warning: `legacy_password` is not necessary in sync with the content of `password`
+			if (password_verify(self::hashPasswordLegacy($password), $user['password'])) {
+				self::updatePassword($user['uid'], $password);
+
 				return $user['uid'];
 			}
 		} elseif (password_verify($password, $user['password'])) {
+			//New password hash
 			if (password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
 				self::updatePassword($user['uid'], $password);
 			}