dont try email login if the provider username is not a valid email

author Robin Appelman <robin@icewind.nl>

Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)

committer Robin Appelman <robin@icewind.nl>

Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)
author Robin Appelman <robin@icewind.nl>
Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)
committer Robin Appelman <robin@icewind.nl>
Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php

index 65a213d4bf8087a93bde742d2071581f0167c1d9..5117812db315c9b427747b7bd1c60a3af87d5db2 100644 (file)
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -450,6 +450,9 @@ class Session implements IUserSession, Emitter {
                 if (!$this->login($user, $password)) {
  
                         // Failed, maybe the user used their email address
+                       if (!filter_var($user, FILTER_VALIDATE_EMAIL)) {
+                               return false;
+                       }
                         $users = $this->manager->getByEmail($user);
                         if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
                                 $this->logger->warning('Login failed: \'' . $user . '\' (Remote IP: \'' . \OC::$server->getRequest()->getRemoteAddress() . '\')', ['app' => 'core']);
author	Robin Appelman <robin@icewind.nl>
	Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)
committer	Robin Appelman <robin@icewind.nl>
	Wed, 14 Sep 2022 12:04:13 +0000 (14:04 +0200)