diff options
-rw-r--r-- | services/auth/signin.go | 68 |
1 files changed, 39 insertions, 29 deletions
diff --git a/services/auth/signin.go b/services/auth/signin.go index aa9a9660c0..3ccf68c3a7 100644 --- a/services/auth/signin.go +++ b/services/auth/signin.go @@ -23,19 +23,23 @@ import ( // UserSignIn validates user name and password. func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) { var user *user_model.User + isEmail := false if strings.Contains(username, "@") { + isEmail = true emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))} // check same email - has, err := db.GetEngine(db.DefaultContext).Where("is_activated=?", true).Get(&emailAddress) + has, err := db.GetEngine(db.DefaultContext).Get(&emailAddress) if err != nil { return nil, nil, err } - if !has { - return nil, nil, user_model.ErrEmailAddressNotExist{ - Email: username, + if has { + if !emailAddress.IsActivated { + return nil, nil, user_model.ErrEmailAddressNotExist{ + Email: username, + } } + user = &user_model.User{ID: emailAddress.UID} } - user = &user_model.User{ID: emailAddress.UID} } else { trimmedUsername := strings.TrimSpace(username) if len(trimmedUsername) == 0 { @@ -45,38 +49,40 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)} } - hasUser, err := user_model.GetUser(user) - if err != nil { - return nil, nil, err - } - - if hasUser { - source, err := auth.GetSourceByID(user.LoginSource) + if user != nil { + hasUser, err := user_model.GetUser(user) if err != nil { return nil, nil, err } - if !source.IsActive { - return nil, nil, oauth2.ErrAuthSourceNotActived - } + if hasUser { + source, err := auth.GetSourceByID(user.LoginSource) + if err != nil { + return nil, nil, err + } - authenticator, ok := source.Cfg.(PasswordAuthenticator) - if !ok { - return nil, nil, smtp.ErrUnsupportedLoginType - } + if !source.IsActive { + return nil, nil, oauth2.ErrAuthSourceNotActived + } - user, err := authenticator.Authenticate(user, user.LoginName, password) - if err != nil { - return nil, nil, err - } + authenticator, ok := source.Cfg.(PasswordAuthenticator) + if !ok { + return nil, nil, smtp.ErrUnsupportedLoginType + } - // WARN: DON'T check user.IsActive, that will be checked on reqSign so that - // user could be hint to resend confirm email. - if user.ProhibitLogin { - return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name} - } + user, err := authenticator.Authenticate(user, user.LoginName, password) + if err != nil { + return nil, nil, err + } - return user, source, nil + // WARN: DON'T check user.IsActive, that will be checked on reqSign so that + // user could be hint to resend confirm email. + if user.ProhibitLogin { + return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name} + } + + return user, source, nil + } } sources, err := auth.AllActiveSources() @@ -111,5 +117,9 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro } } + if isEmail { + return nil, nil, user_model.ErrEmailAddressNotExist{Email: username} + } + return nil, nil, user_model.ErrUserNotExist{Name: username} } |