From 8e389ff8240de9111e77a9c01de4754b3c95b7ae Mon Sep 17 00:00:00 2001
From: Ari Timonen <arit@fastmail.com>
Date: Thu, 5 Aug 2021 20:01:40 +0300
Subject: [PATCH] Fix user hash error

---
 app/models/user.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index c90500d..7435128 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -467,7 +467,13 @@ class User < ActiveRecord::Base
       case user.password_hash
       when User::PASSWORD_SCRYPT
         # FIXME: If exception occurs here, user cannot log in
-        pass = SCrypt::Password.new(user.password)
+        begin
+          pass = SCrypt::Password.new(user.password)
+        rescue
+          logger.error "User (%s) password hash is invalid."
+          flash[:error] = "Password hash is invalid, please use forget password functionality or contact admin."
+          return nil
+        end
         return user if pass == login[:password]
       when User::PASSWORD_MD5_SCRYPT
         pass = SCrypt::Password.new(user.password)