Upgrade passwords to bcrypt

Author: carlbennett

src/controllers/User/Login.php

@@ -82,6 +82,11 @@ protected function tryLogin(Router &$router, UserLoginModel &$model) {
     if ($model->error) return;
     $model->error = false;
 
+    // Upgrade old password (we checked it matches earlier above)
+    if (substr($user->getPasswordHash(), 0, 1) !== '$') {
+      $user->changePassword($password);
+    }
+
     Authentication::login( $user );
 
     Logger::logEvent(