- my($self, $username, $check_password ) = @_;
+ my($self, $username, $check_password, $totp_code ) = @_;
if ( $access_user->_password_encoding eq 'bcrypt' ) {
my( $cost, $salt, $hash ) = split(',', $access_user->_password);
if ( $access_user->_password_encoding eq 'bcrypt' ) {
my( $cost, $salt, $hash ) = split(',', $access_user->_password);
my($self, $access_user, $new_password) = @_;
# do nothing if the password is unchanged
my($self, $access_user, $new_password) = @_;
# do nothing if the password is unchanged
- return if $self->authenticate( $access_user, $new_password );
+ #XXX breaks password changes in employee edit ($access_user object already
+ # has new [plaintext] password)
+ #return if $self->authenticate( $access_user, $new_password );