]> source.dussan.org Git - nextcloud-server.git/commitdiff
projects / nextcloud-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7f47000)
Skip general login with email for non-valid addresses and LDAP 34947/head
authorJulius Härtl <jus@bitgrid.net>
Tue, 25 Oct 2022 13:38:31 +0000 (15:38 +0200)
committerJulius Härtl <jus@bitgrid.net>
Thu, 3 Nov 2022 14:40:38 +0000 (15:40 +0100)
Signed-off-by: Julius Härtl <jus@bitgrid.net>
lib/private/Authentication/Login/EmailLoginCommand.php patch | blob | history
tests/lib/Authentication/Login/EmailLoginCommandTest.php patch | blob | history

diff --git a/lib/private/Authentication/Login/EmailLoginCommand.php b/lib/private/Authentication/Login/EmailLoginCommand.php
index e2e55cc12c86c64cf2cd472b38bbf841a4f90c1d..7145ab9e14f3463f18b914c6ec5760e50475d048 100644 (file)
--- a/lib/private/Authentication/Login/EmailLoginCommand.php
+++ b/lib/private/Authentication/Login/EmailLoginCommand.php
@@ -38,9 +38,21 @@ class EmailLoginCommand extends ALoginCommand {
 
        public function process(LoginData $loginData): LoginResult {
                if ($loginData->getUser() === false) {
+                       if (!filter_var($loginData->getUsername(), FILTER_VALIDATE_EMAIL)) {
+                               return $this->processNextOrFinishSuccessfully($loginData);
+                       }
+
                        $users = $this->userManager->getByEmail($loginData->getUsername());
                        // we only allow login by email if unique
                        if (count($users) === 1) {
+
+                               // FIXME: This is a workaround to still stick to configured LDAP login filters
+                               // this can be removed once the email login is properly implemented in the local user backend
+                               // as described in https://github.com/nextcloud/server/issues/5221
+                               if ($users[0]->getBackendClassName() === 'LDAP') {
+                                       return $this->processNextOrFinishSuccessfully($loginData);
+                               }
+
                                $username = $users[0]->getUID();
                                if ($username !== $loginData->getUsername()) {
                                        $user = $this->userManager->checkPassword(
diff --git a/tests/lib/Authentication/Login/EmailLoginCommandTest.php b/tests/lib/Authentication/Login/EmailLoginCommandTest.php
index 9de372148b96b3c5ec709381c63c2b0cd39600a4..0e70c40a1dfcfe22eb56673bf0ffb8b663c80bfe 100644 (file)
--- a/tests/lib/Authentication/Login/EmailLoginCommandTest.php
+++ b/tests/lib/Authentication/Login/EmailLoginCommandTest.php
@@ -55,7 +55,7 @@ class EmailLoginCommandTest extends ALoginCommandTest {
 
        public function testProcessNotAnEmailLogin() {
                $data = $this->getFailedLoginData();
-               $this->userManager->expects($this->once())
+               $this->userManager->expects($this->never())
                        ->method('getByEmail')
                        ->with($this->username)
                        ->willReturn([]);
@@ -67,9 +67,10 @@ class EmailLoginCommandTest extends ALoginCommandTest {
 
        public function testProcessDuplicateEmailLogin() {
                $data = $this->getFailedLoginData();
+               $data->setUsername('user@example.com');
                $this->userManager->expects($this->once())
                        ->method('getByEmail')
-                       ->with($this->username)
+                       ->with('user@example.com')
                        ->willReturn([
                                $this->createMock(IUser::class),
                                $this->createMock(IUser::class),
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server