# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1660837856 -7200
# Node ID aed38948791f76eb04cb97c2e1cf4de3f27610d2
# Parent  5d85de8b0723bb75fd73acb82a2d8163164531e6
mod_auth_internal_hashed: Allow creating disabled account without password

Otherwise, create_user(username, nil) leads to the account being
deleted.

diff -r 5d85de8b0723 -r aed38948791f plugins/mod_auth_internal_hashed.lua
--- a/plugins/mod_auth_internal_hashed.lua	Thu Aug 18 16:46:07 2022 +0100
+++ b/plugins/mod_auth_internal_hashed.lua	Thu Aug 18 17:50:56 2022 +0200
@@ -115,8 +115,9 @@
 end
 
 function provider.create_user(username, password)
+	local now = os.time();
 	if password == nil then
-		return accounts:set(username, {});
+		return accounts:set(username, { created = now; updated = now; disabled = true });
 	end
 	local salt = generate_uuid();
 	local valid, stored_key, server_key = get_auth_db(password, salt, default_iteration_count);
@@ -125,7 +126,6 @@
 	end
 	local stored_key_hex = to_hex(stored_key);
 	local server_key_hex = to_hex(server_key);
-	local now = os.time();
 	return accounts:set(username, {
 		stored_key = stored_key_hex, server_key = server_key_hex,
 		salt = salt, iteration_count = default_iteration_count,