From dadb2527dae113a023af2517947f94d80ceb1fa6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <barisusakli@gmail.com>
Date: Fri, 27 Nov 2020 11:34:14 -0500
Subject: [PATCH] fix: #8974, with password login for approval queue

---
 src/user/approval.js | 5 ++++-
 src/user/password.js | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/user/approval.js b/src/user/approval.js
index 8ea5916610..507aa7ef1b 100644
--- a/src/user/approval.js
+++ b/src/user/approval.js
@@ -66,7 +66,10 @@ module.exports = function (User) {
 		}
 		const creation_time = await db.sortedSetScore('registration:queue', username);
 		const uid = await User.create(userData);
-		await User.setUserField(uid, 'password', userData.hashedPassword);
+		await User.setUserFields(uid, {
+			password: userData.hashedPassword,
+			'password:shaWrapped': 1,
+		});
 		await removeFromQueue(username);
 		await markNotificationRead(username);
 		await plugins.hooks.fire('filter:register.complete', { uid: uid });
diff --git a/src/user/password.js b/src/user/password.js
index acb89a6c60..23a2816fd8 100644
--- a/src/user/password.js
+++ b/src/user/password.js
@@ -17,7 +17,10 @@ module.exports = function (User) {
 
 	User.isPasswordCorrect = async function (uid, password, ip) {
 		password = password || '';
-		var { password: hashedPassword, 'password:shaWrapped': shaWrapped } = await db.getObjectFields('user:' + uid, ['password', 'password:shaWrapped']);
+		var {
+			password: hashedPassword,
+			'password:shaWrapped': shaWrapped,
+		} = await db.getObjectFields('user:' + uid, ['password', 'password:shaWrapped']);
 		if (!hashedPassword) {
 			// Non-existant user, submit fake hash for comparison
 			hashedPassword = '';