Don't override `credentials_url` password with connection password

Causes login failure when one-time tokens are used.

Don't override `credentials_url` password with connection password
Causes login failure when one-time tokens are used.
ea207ad6 · JC Brand · 7eecd6b1 · ea207ad6
Commit ea207ad6 authored May 11, 2017 by JC Brand
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 5 deletions

src/converse-core.js src/converse-core.js +4 -5

No files found.
--- a/src/converse-core.js
+++ b/src/converse-core.js
@@ -1973,10 +1973,9 @@

        this.autoLogin = function (credentials) {
            if (credentials) {
-                // If passed in, then they come from credentials_url, so we
-                // set them on the _converse object.
+                // If passed in, the credentials come from credentials_url,
+                // so we set them on the converse object.
                this.jid = credentials.jid;
-                this.password = credentials.password;
            }
            if (this.authentication === _converse.ANONYMOUS) {
                if (!this.jid) {
@@ -1988,9 +1987,9 @@
                this.connection.reset();
                this.connection.connect(this.jid.toLowerCase(), null, this.onConnectStatusChanged);
            } else if (this.authentication === _converse.LOGIN) {
-                var password = _converse.connection.pass || this.password;
+                var password = _.isNil(credentials) ? (_converse.connection.pass || this.password) : credentials.password;
                if (!password) {
-                    if (this.auto_login && !this.password) {
+                    if (this.auto_login) {
                        throw new Error("initConnection: If you use auto_login and "+
                            "authentication='login' then you also need to provide a password.");
                    }