Make sure passwords aren't set upon every login

Author: stevebauman

src/Commands/SyncPassword.php

@@ -84,9 +84,13 @@ protected function applyPassword($password)
      */
     protected function passwordNeedsUpdate($password = null) : bool
     {
-        $current = $this->currentPassword();
+        $current = $this->currentModelPassword();
 
-        return is_null($current) || ! Hash::check($password, $current);
+        if ($this->canSync()) {
+            return ! Hash::check($password, $current);
+        }
+
+        return is_null($current);
     }
 
     /**
@@ -116,7 +120,7 @@ protected function password()
      *
      * @return string|null
      */
-    protected function currentPassword()
+    protected function currentModelPassword()
     {
         return $this->model->getAttribute($this->column());
     }

tests/DatabaseProviderTest.php

@@ -198,7 +198,7 @@ public function passwords_are_synced_when_enabled()
     }
 
     /** @test */
-    public function passwords_are_not_synced_when_enabled()
+    public function passwords_are_not_synced_when_sync_is_disabled()
     {
         config(['adldap_auth.passwords.sync' => false]);
 
@@ -215,6 +215,25 @@ public function passwords_are_not_synced_when_enabled()
         $this->assertFalse(Hash::check($credentials['password'], $user->password));
     }
 
+    /** @test */
+    public function passwords_are_not_updated_when_sync_is_disabled()
+    {
+        config(['adldap_auth.passwords.sync' => false]);
+
+        $credentials = [
+            'email' => 'jdoe@email.com',
+            'password' => '12345',
+        ];
+
+        $this->auth_passes($credentials);
+
+        $user = EloquentUser::first();
+
+        $this->auth_passes($credentials);
+
+        $this->assertEquals($user->password, $user->fresh()->password);
+    }
+
     /** @test */
     public function trashed_rule_prevents_deleted_users_from_logging_in()
     {