From 3ea004f75dada19100cec80bdeaf8c613d18e405 Mon Sep 17 00:00:00 2001
From: Lennart <18233294+lennart-k@users.noreply.github.com>
Date: Sun, 3 Nov 2024 13:10:52 +0100
Subject: [PATCH] store auth: Fix bug that app tokens were only usable when
 password is set

---
 crates/store/src/auth/static_user_store.rs | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/crates/store/src/auth/static_user_store.rs b/crates/store/src/auth/static_user_store.rs
index 80a94b8..01827ad 100644
--- a/crates/store/src/auth/static_user_store.rs
+++ b/crates/store/src/auth/static_user_store.rs
@@ -44,11 +44,6 @@ impl AuthenticationProvider for StaticUserStore {
             None => return Ok(None),
         };
 
-        let password = match &user_entry.user.password {
-            Some(password) => password,
-            None => return Ok(None),
-        };
-
         // Try app tokens first since they are cheaper to calculate
         // They can afford less iterations since they can be generated with high entropy
         for app_token in &user_entry.app_tokens {
@@ -56,6 +51,12 @@ impl AuthenticationProvider for StaticUserStore {
                 return Ok(Some(user_entry.user));
             }
         }
+
+        let password = match &user_entry.user.password {
+            Some(password) => password,
+            None => return Ok(None),
+        };
+
         if password_auth::verify_password(token, password).is_ok() {
             return Ok(Some(user_entry.user));
         }