X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fuser%2FPasswordReset.php;h=f65bae5aa70e40d07077a195ae94048911ace8ce;hb=4ad6525624fc08cb7531db0a1abee8a99d0e3420;hp=e7825e423920badf287ae71760531d055b95933d;hpb=ef970021795d220af007fd603e4813c1122bc8ef;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/user/PasswordReset.php b/includes/user/PasswordReset.php
index e7825e4239..f65bae5aa7 100644
--- a/includes/user/PasswordReset.php
+++ b/includes/user/PasswordReset.php
@@ -46,14 +46,14 @@ class PasswordReset implements LoggerAwareInterface {
 	/**
 	 * In-process cache for isAllowed lookups, by username.
 	 * Contains a StatusValue object
-	 * @var HashBagOStuff
+	 * @var MapCacheLRU
 	 */
 	private $permissionCache;
 
 	public function __construct( Config $config, AuthManager $authManager ) {
 		$this->config = $config;
 		$this->authManager = $authManager;
-		$this->permissionCache = new HashBagOStuff( [ 'maxKeys' => 1 ] );
+		$this->permissionCache = new MapCacheLRU( 1 );
 		$this->logger = LoggerFactory::getInstance( 'authentication' );
 	}
 
@@ -240,7 +240,9 @@ class PasswordReset implements LoggerAwareInterface {
 
 		$passwords = [];
 		foreach ( $reqs as $req ) {
-			$this->authManager->changeAuthenticationData( $req );
+			// This is adding a new temporary password, not intentionally changing anything
+			// (even though it might technically invalidate an old temporary password).
+			$this->authManager->changeAuthenticationData( $req, /* $isAddition */ true );
 		}
 
 		$this->logger->info(