aboutsummaryrefslogtreecommitdiffstats
path: root/services/auth
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2022-03-31 14:20:25 +0100
committerGitHub <noreply@github.com>2022-03-31 15:20:25 +0200
commitf6145a69c4814d9aaaeac5d73c743b2f65bc586c (patch)
treeef0ee9e79fc904847220f95306fd3d7fbb40ae31 /services/auth
parente28cc79c92c851251eaaecb0584f8bd4259d290c (diff)
downloadgitea-f6145a69c4814d9aaaeac5d73c743b2f65bc586c.tar.gz
gitea-f6145a69c4814d9aaaeac5d73c743b2f65bc586c.zip
Restore user autoregistration with email addresses (#19261)
Unfortunately #18789 disabled autoregistration using email addresses as they would be shortcut to email address does not exist. This PR attempts to restore autoregistration by allowing an unknown email address to percolate through to the autoregistration path of UserSignin. Fix #19256 Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'services/auth')
-rw-r--r--services/auth/signin.go68
1 files changed, 39 insertions, 29 deletions
diff --git a/services/auth/signin.go b/services/auth/signin.go
index aa9a9660c0..3ccf68c3a7 100644
--- a/services/auth/signin.go
+++ b/services/auth/signin.go
@@ -23,19 +23,23 @@ import (
// UserSignIn validates user name and password.
func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) {
var user *user_model.User
+ isEmail := false
if strings.Contains(username, "@") {
+ isEmail = true
emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))}
// check same email
- has, err := db.GetEngine(db.DefaultContext).Where("is_activated=?", true).Get(&emailAddress)
+ has, err := db.GetEngine(db.DefaultContext).Get(&emailAddress)
if err != nil {
return nil, nil, err
}
- if !has {
- return nil, nil, user_model.ErrEmailAddressNotExist{
- Email: username,
+ if has {
+ if !emailAddress.IsActivated {
+ return nil, nil, user_model.ErrEmailAddressNotExist{
+ Email: username,
+ }
}
+ user = &user_model.User{ID: emailAddress.UID}
}
- user = &user_model.User{ID: emailAddress.UID}
} else {
trimmedUsername := strings.TrimSpace(username)
if len(trimmedUsername) == 0 {
@@ -45,38 +49,40 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)}
}
- hasUser, err := user_model.GetUser(user)
- if err != nil {
- return nil, nil, err
- }
-
- if hasUser {
- source, err := auth.GetSourceByID(user.LoginSource)
+ if user != nil {
+ hasUser, err := user_model.GetUser(user)
if err != nil {
return nil, nil, err
}
- if !source.IsActive {
- return nil, nil, oauth2.ErrAuthSourceNotActived
- }
+ if hasUser {
+ source, err := auth.GetSourceByID(user.LoginSource)
+ if err != nil {
+ return nil, nil, err
+ }
- authenticator, ok := source.Cfg.(PasswordAuthenticator)
- if !ok {
- return nil, nil, smtp.ErrUnsupportedLoginType
- }
+ if !source.IsActive {
+ return nil, nil, oauth2.ErrAuthSourceNotActived
+ }
- user, err := authenticator.Authenticate(user, user.LoginName, password)
- if err != nil {
- return nil, nil, err
- }
+ authenticator, ok := source.Cfg.(PasswordAuthenticator)
+ if !ok {
+ return nil, nil, smtp.ErrUnsupportedLoginType
+ }
- // WARN: DON'T check user.IsActive, that will be checked on reqSign so that
- // user could be hint to resend confirm email.
- if user.ProhibitLogin {
- return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
- }
+ user, err := authenticator.Authenticate(user, user.LoginName, password)
+ if err != nil {
+ return nil, nil, err
+ }
- return user, source, nil
+ // WARN: DON'T check user.IsActive, that will be checked on reqSign so that
+ // user could be hint to resend confirm email.
+ if user.ProhibitLogin {
+ return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
+ }
+
+ return user, source, nil
+ }
}
sources, err := auth.AllActiveSources()
@@ -111,5 +117,9 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
}
}
+ if isEmail {
+ return nil, nil, user_model.ErrEmailAddressNotExist{Email: username}
+ }
+
return nil, nil, user_model.ErrUserNotExist{Name: username}
}