From a3a343ce413d0f86f70d5b47ab28e40d6dd763aa Mon Sep 17 00:00:00 2001
From: =?utf8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Thu, 30 Nov 2023 11:46:54 +0100
Subject: [PATCH] perf: Use more performant way to obtain and check the email
 as a login name with token login
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius HÃ¤rtl <jus@bitgrid.net>
---
 lib/private/User/Session.php   | 13 +++++++++++--
 tests/lib/User/SessionTest.php |  2 +-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index f3282009a4d..5689de3995f 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -456,8 +456,17 @@ class Session implements IUserSession, Emitter {
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}
-			$users = $this->manager->getByEmail($user);
-			if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
+
+			if ($isTokenPassword) {
+				$dbToken = $this->tokenProvider->getToken($password);
+				$userFromToken = $this->manager->get($dbToken->getUID());
+				$isValidEmailLogin = $userFromToken->getEMailAddress() === $user;
+			} else {
+				$users = $this->manager->getByEmail($user);
+				$isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password));
+			}
+
+			if (!$isValidEmailLogin) {
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php
index d6db17d9d45..3b8d75f694c 100644
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@@ -1110,7 +1110,7 @@ class SessionTest extends \Test\TestCase {
 
 		$userSession->expects($this->once())
 			->method('isTokenPassword')
-			->willReturn(true);
+			->willReturn(false);
 		$userSession->expects($this->once())
 			->method('login')
 			->with('john@foo.bar', 'I-AM-AN-PASSWORD')
-- 
2.39.5