From 4226da5fc4161b4d018fe15589886359735eb6a8 Mon Sep 17 00:00:00 2001
From: Sylvain Dumont <sylvain.dumont35@gmail.com>
Date: Sat, 23 Feb 2019 16:14:24 +0100
Subject: [PATCH] handle $2b$ in hashed password check

bcrypt made $2b$ the default in bcrypt 2.0.0
---
 common/models/user.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/models/user.js b/common/models/user.js
index 665d4531..2c425164 100644
--- a/common/models/user.js
+++ b/common/models/user.js
@@ -1089,7 +1089,7 @@ module.exports = function(User) {
       if (typeof plain !== 'string') {
         return;
       }
-      if (plain.indexOf('$2a$') === 0 && plain.length === 60) {
+      if ((plain.indexOf('$2a$') === 0 || plain.indexOf('$2b$') === 0) && plain.length === 60) {
         // The password is already hashed. It can be the case
         // when the instance is loaded from DB
         this.$password = plain;