Fix: Remove redundant password history checks in cache loading

Eliminated the unnecessary verification steps related to password history within the cache loading process. This streamlines the function and avoids redundant password lookups for already known wrong passwords.

Signed-off-by: Christian Roessner <[email protected]>

Author: Christian Roessner

server/core/cache.go

@@ -52,7 +52,6 @@ func cachePassDB(auth *AuthState) (passDBResult *PassDBResult, err error) {
 			ppc = &backend.PositivePasswordCache{}
 
 			isRedisErr := false
-
 			if isRedisErr, err = backend.LoadCacheFromRedis(auth.HTTPClientContext, redisPosUserKey, ppc); err != nil {
 				return
 			}
@@ -78,19 +77,5 @@ func cachePassDB(auth *AuthState) (passDBResult *PassDBResult, err error) {
 		}
 	}
 
-	if !passDBResult.Authenticated {
-		if key := auth.getPasswordHistoryRedisHashKey(true); key != "" {
-			auth.loadPasswordHistoryFromRedis(key)
-		}
-
-		// Prevent password lookups for already known wrong passwords (And the user is unknown in the entire system)
-		if auth.PasswordHistory != nil {
-			passwordHash := util.GetHash(util.PreparePassword(auth.Password))
-			if _, foundPassword := (*auth.PasswordHistory)[passwordHash]; foundPassword {
-				passDBResult.UserFound = true
-			}
-		}
-	}
-
 	return
 }