From a5597b8f38415febd95a7d1f006a76adb53a7283 Mon Sep 17 00:00:00 2001
From: Tobias Bengfort <tobias.bengfort@posteo.de>
Date: Tue, 7 Jan 2025 17:29:31 +0100
Subject: [PATCH] use unusable password for created accounts

---
 auth.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/auth.php b/auth.php
index 96a4d85..39c6bbd 100644
--- a/auth.php
+++ b/auth.php
@@ -139,12 +139,11 @@ public function registerOAuthUser(&$userinfo, $servicename)
         $groups_on_creation[] = $this->cleanGroup($servicename); // add service as group
         $userinfo['grps'] = array_merge((array)$userinfo['grps'], $groups_on_creation);
 
-        // the password set here will remain unknown to the user
         $ok = $this->triggerUserMod(
             'create',
             [
                 $user,
-                auth_pwgen($user),
+                null,
                 $userinfo['name'],
                 $userinfo['mail'],
                 $userinfo['grps'],