From 23ef02fbe2b95a3be6eb21c8864bcbbef8d4a228 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Wed, 16 Feb 2022 17:56:49 +0100
Subject: [PATCH 1/2] Use the cache also for UserBackend::getPassword

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 lib/private/User/Database.php | 23 ++++++-----------------
 1 file changed, 6 insertions(+), 17 deletions(-)

diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index 81094d4d8af72..b2018c02a3e72 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -329,28 +329,16 @@ public function searchKnownUsersByDisplayName(string $searcher, string $pattern,
 	 * returns the user id or false
 	 */
 	public function checkPassword(string $loginName, string $password) {
-		$this->fixDI();
+		$found = $this->loadUser($loginName);
 
-		$qb = $this->dbConn->getQueryBuilder();
-		$qb->select('uid', 'password')
-			->from($this->table)
-			->where(
-				$qb->expr()->eq(
-					'uid_lower', $qb->createNamedParameter(mb_strtolower($loginName))
-				)
-			);
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-
-		if ($row) {
-			$storedHash = $row['password'];
+		if ($found && is_array($this->cache[$loginName])) {
+			$storedHash = $this->cache[$loginName]['password'];
 			$newHash = '';
 			if (\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {
 				if (!empty($newHash)) {
 					$this->updatePassword($loginName, $newHash);
 				}
-				return (string)$row['uid'];
+				return (string)$this->cache[$loginName]['uid'];
 			}
 		}
 
@@ -375,7 +363,7 @@ private function loadUser($uid) {
 			}
 
 			$qb = $this->dbConn->getQueryBuilder();
-			$qb->select('uid', 'displayname')
+			$qb->select('uid', 'displayname', 'password')
 				->from($this->table)
 				->where(
 					$qb->expr()->eq(
@@ -391,6 +379,7 @@ private function loadUser($uid) {
 				$this->cache[$uid] = [
 					'uid' => (string)$row['uid'],
 					'displayname' => (string)$row['displayname'],
+					'password' => (string)$row['password'],
 				];
 			} else {
 				$this->cache[$uid] = false;

From 25caf4a42c7e3a705137e997627249ef71665b53 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Fri, 18 Feb 2022 09:47:18 +0100
Subject: [PATCH 2/2] Update cache when setting the password

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 lib/private/User/Database.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index b2018c02a3e72..a9464c2708567 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -193,7 +193,13 @@ public function setPassword(string $uid, string $password): bool {
 			$hasher = \OC::$server->getHasher();
 			$hashedPassword = $hasher->hash($password);
 
-			return $this->updatePassword($uid, $hashedPassword);
+			$return = $this->updatePassword($uid, $hashedPassword);
+
+			if ($return) {
+				$this->cache[$uid]['password'] = $hashedPassword;
+			}
+
+			return $return;
 		}
 
 		return false;