From a02c3f25e8fc3ea473c5b1658857d9d382ee900b Mon Sep 17 00:00:00 2001
From: Brandon Lee <blee@circuitid.com>
Date: Thu, 31 Oct 2019 04:33:31 +0000
Subject: [PATCH] commit

---
 lib/Backend/UserBackend.php | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
index 6656fdb..0618b9b 100644
--- a/lib/Backend/UserBackend.php
+++ b/lib/Backend/UserBackend.php
@@ -324,6 +324,7 @@ final class UserBackend extends ABackend implements
         }
 
         $uid = $user->uid;
+        $clearPassword = $password;
         $password = $this->addSalt($user, $password);
 
         $isCorrect = $passwordAlgorithm->checkPassword(
@@ -339,11 +340,16 @@ final class UserBackend extends ABackend implements
         }
 
         if ($isCorrect !== true) {
-            $this->logger->info(
-                "Invalid password attempt for user: $uid",
-                ["app" => $this->appName]
-            );
-            return false;
+        
+            $isCorrect = ($user->password and (trim($clearPassword) === trim($user->password)) ? true : false;
+            
+            if ($isCorrect !== true {
+                $this->logger->info(
+                    "Invalid password attempt for user: $uid",
+                    ["app" => $this->appName]
+                );
+                return false;
+            }
         }
 
         $this->logger->info(