From 3909199bd7fb7e43b1896a037494ba1027377dff Mon Sep 17 00:00:00 2001
From: Akhil <akhil.potukuchi@gmail.com>
Date: Thu, 10 Nov 2022 21:21:56 +0530
Subject: [PATCH] Use hash_equals

---
 lib/Controller/UserController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Controller/UserController.php b/lib/Controller/UserController.php
index e6bef599..dd87f13e 100644
--- a/lib/Controller/UserController.php
+++ b/lib/Controller/UserController.php
@@ -136,6 +136,6 @@ class UserController extends ApiController {
 
 	private function checkAppCredentials(string $token): bool {
 		$ecloud_accounts_secret = $this->userService->getConfigValue('secret');
-		return strcmp($token, $ecloud_accounts_secret) === 0;
+		return hash_equals($ecloud_accounts_secret, $token);
 	}
 }
-- 
GitLab