Fix issue with password rehash with a custom password field

CakeDC · Sep 21, 2023 · afb616c · afb616c
1 parent 0d796dc
commit afb616c
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php
@@ -198,8 +198,9 @@ protected function handlePasswordRehash($service, $user, \Cake\Http\ServerReques
             if (!$checker || method_exists($checker, 'needsPasswordRehash') && !$checker->needsPasswordRehash()) {
                 continue;
             }
-            $password = $request->getData('password');
-            $user->set('password', $password);
+            $passwordField = $checker->getConfig('fields.password', 'password');
+            $password = $request->getData($passwordField);
+            $user->set($passwordField, $password);
             $user->setDirty('modified');
             $this->getController()->getUsersTable()->save($user);
             break;