3 files changed, 4 insertions, 1 deletions

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index cb6be6049..c49054a5c 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -320,6 +320,8 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 				} catch (Minz_Exception $me) {
 					Minz_Log::record('Login failure: ' . $me->getMessage(), Minz_Log::WARNING);
 				}
+			} else {
+				Minz_Log::record('Invalid credential parameters: user=' . $username . ' challenge=' . $c . ' nonce=' . $nonce, Minz_Log::DEBUG);
 			}
 			if (!$ok) {
 				$notif = array(
diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php
index 02e424437..b879dcd6d 100755
--- a/app/Controllers/javascriptController.php
+++ b/app/Controllers/javascriptController.php
@@ -37,7 +37,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
 					return;	//Success
 				}
 			} catch (Minz_Exception $me) {
-				Minz_Log::record('Login failure: ' . $me->getMessage(), Minz_Log::WARNING);
+				Minz_Log::record('Nonce failure: ' . $me->getMessage(), Minz_Log::WARNING);
 			}
 		}
 		$this->view->nonce = '';	//Failure
diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index a044cd25b..8314b75fc 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -106,6 +106,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 					}
 					$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
 					$passwordPlain = '';
+					$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
 					$ok &= ($passwordHash != '');
 				}
 				if (empty($passwordHash)) {