From 1ee2b078ba9b86b31393c2ce21e33ac59df0a911 Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Sat, 28 Feb 2026 13:08:34 -0400 Subject: [PATCH] fix: xheck if the authenticator is the current one before issuing the warning --- src/Controller/Component/LoginComponent.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 1b502814..3d0d5735 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -216,7 +216,12 @@ protected function handlePasswordRehash($service, $user, \Cake\Http\ServerReques /** @var \Authentication\Identifier\IdentifierCollection $identifierCollection */ $identifierCollection = $authenticationProvider->getIdentifier(); + $authenticators = $service->authenticators(); foreach ($authenticatorNames as $authenticatorName => $identifierName) { + if ($authenticators->has($authenticatorName) && $authenticators->get($authenticatorName) !== $authenticationProvider) { + continue; + } + if (!$identifierCollection->has($identifierName)) { Log::warning("Error saving user id $user->id password after rehashing: identifier $identifierName not found for authenticator $authenticatorName. Check your Auth.PasswordRehash.authenticators configuration."); continue;