diff options
| author | blizzz <blizzz@arthur-schiwon.de> | 2022-09-27 08:50:47 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-27 08:50:47 +0200 |
| commit | 20cd49c842a8dbf64da3972251f876459feb4a34 (patch) | |
| tree | 99af9d1b486c8c48763a7af6289450483fea4968 /lib | |
| parent | 1ac1aff61375a6a8237304127e4534ac539f8309 (diff) | |
| parent | fbebc4bfe7de06c90dbd2d34a2f688ea3e6d53ea (diff) | |
| download | nextcloud-server-20cd49c842a8dbf64da3972251f876459feb4a34.tar.gz nextcloud-server-20cd49c842a8dbf64da3972251f876459feb4a34.zip | |
Merge pull request #34111 from nextcloud/backport/34073/stable24
[stable24] dont try email login if the provider username is not a valid email
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/User/Session.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index a0e0e5c1dc8..302f6174bc9 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -450,6 +450,9 @@ class Session implements IUserSession, Emitter { if (!$this->login($user, $password)) { // Failed, maybe the user used their email address + if (!filter_var($user, FILTER_VALIDATE_EMAIL)) { + return false; + } $users = $this->manager->getByEmail($user); if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) { $this->logger->warning('Login failed: \'' . $user . '\' (Remote IP: \'' . \OC::$server->getRequest()->getRemoteAddress() . '\')', ['app' => 'core']); |