From 99d01d707f26c4b22d5b138066fc22087d27a487 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Thu, 5 Sep 2019 11:09:11 -0400
Subject: [PATCH] Fix incorrect bad auth on freshly changed password

If the database backing the password had changed but cache hadn't updated,
then the cache miss was taken as always meaning no valid login.
---
 confluent_server/confluent/auth.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/confluent_server/confluent/auth.py b/confluent_server/confluent/auth.py
index 76a27ec2..ed73ab7e 100644
--- a/confluent_server/confluent/auth.py
+++ b/confluent_server/confluent/auth.py
@@ -119,9 +119,9 @@ def _prune_passcache():
     while True:
         curtime = time.time()
         for passent in _passcache.iterkeys():
-            if passent[2] < curtime - 10:
+            if passent[2] < curtime - 90:
                 del _passcache[passent]
-        eventlet.sleep(10)
+        eventlet.sleep(90)
 
 
 def _get_usertenant(name, tenant=False):
@@ -249,7 +249,6 @@ def check_user_passphrase(name, passphrase, operation=None, element=None, tenant
             # while someone is legitimately logged in
             # invalidate cache and force the slower check
             del _passcache[(user, tenant)]
-            return None
     if 'cryptpass' in ucfg:
         _passchecking[(user, tenant)] = True
         # TODO(jbjohnso): WORKERPOOL