From f809500d171341f8fdb886fc4f57d6f815adfdbf Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Sat, 7 Oct 2023 10:42:06 -0400
Subject: [PATCH] more

---
 auth.go | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/auth.go b/auth.go
index 91cb744..556bc34 100644
--- a/auth.go
+++ b/auth.go
@@ -35,6 +35,7 @@ func Login(username, password string) bool {
 			log.Printf("scsusers.Login: recovery time expired")
 			return false
 		}
+		u.SetPassword([]byte(rc))
 		u.Delete("recoverycode")
 		u.Delete("recoverytime")
 	}
@@ -42,6 +43,16 @@ func Login(username, password string) bool {
 	return true
 }
 
+func (u *UserData) SetPassword(newcrypt []byte) bool {
+	q := fmt.Sprintf("update %s_auth set password=? where userid=?", c.TablePrefix)
+	_, err := c.db.Exec(q, newcrypt, u.UserID)
+	if err != nil {
+		log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", u.Username, err.Error())
+		return false
+	}
+	return true
+}
+
 func (u *UserData) ChangePassword(oldpass, newpass string) bool {
 	if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(oldpass)) != nil {
 		log.Printf("scsusers.ChangePassword: Failed password for %s\n", u.Username)
@@ -52,12 +63,5 @@ func (u *UserData) ChangePassword(oldpass, newpass string) bool {
 		log.Printf("scsusers.ChangePassword: generate: %s", err.Error())
 		return false
 	}
-	q := fmt.Sprintf("update %s_auth set password=? where userid=?", c.TablePrefix)
-	_, err = c.db.Exec(q, newcrypt, u.UserID)
-	if err != nil {
-		log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", u.Username, err.Error())
-		return false
-	}
-	return true
-
+	return u.SetPassword(newcrypt)
 }