diff options
| author | Julius Härtl <jus@bitgrid.net> | 2024-01-11 11:53:13 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-11 11:53:13 +0100 |
| commit | 84df0c33a2c5ba29d5b994ba71a1a5af6a0bad65 (patch) | |
| tree | 1604b8ac3bacf2e9a3606c71da74b83ab1c8acac /lib | |
| parent | 6200c281e319dac917759271a76a9f35bac4201a (diff) | |
| parent | 5fc6fb0d20d22d750b53b19ef54e3dc5d79489c5 (diff) | |
| download | nextcloud-server-84df0c33a2c5ba29d5b994ba71a1a5af6a0bad65.tar.gz nextcloud-server-84df0c33a2c5ba29d5b994ba71a1a5af6a0bad65.zip | |
Merge pull request #42652 from nextcloud/backport/42651/stable27
[stable27] perf: Use more performant way to obtain and check the email as a login name with token login
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/AllConfig.php | 13 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 13 |
2 files changed, 22 insertions, 4 deletions
diff --git a/lib/private/AllConfig.php b/lib/private/AllConfig.php index 2a0e8f53b14..92178d64635 100644 --- a/lib/private/AllConfig.php +++ b/lib/private/AllConfig.php @@ -32,6 +32,7 @@ */ namespace OC; +use Doctrine\DBAL\Platforms\OraclePlatform; use OCP\Cache\CappedMemoryCache; use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\IConfig; @@ -490,12 +491,15 @@ class AllConfig implements IConfig { $this->fixDIInit(); $qb = $this->connection->getQueryBuilder(); + $configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform) + ? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR) + : 'configvalue'; $result = $qb->select('userid') ->from('preferences') ->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq( - $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR), + $configValueColumn, $qb->createNamedParameter($value, IQueryBuilder::PARAM_STR)) )->orderBy('userid') ->executeQuery(); @@ -524,13 +528,18 @@ class AllConfig implements IConfig { // Email address is always stored lowercase in the database return $this->getUsersForUserValue($appName, $key, strtolower($value)); } + $qb = $this->connection->getQueryBuilder(); + $configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform) + ? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR) + : 'configvalue'; + $result = $qb->select('userid') ->from('preferences') ->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq( - $qb->func()->lower($qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)), + $qb->func()->lower($configValueColumn), $qb->createNamedParameter(strtolower($value), IQueryBuilder::PARAM_STR)) )->orderBy('userid') ->executeQuery(); diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index b607a6441a4..de4d1f63b9e 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -455,8 +455,17 @@ class Session implements IUserSession, Emitter { $this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password); return false; } - $users = $this->manager->getByEmail($user); - if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) { + + if ($isTokenPassword) { + $dbToken = $this->tokenProvider->getToken($password); + $userFromToken = $this->manager->get($dbToken->getUID()); + $isValidEmailLogin = $userFromToken->getEMailAddress() === $user; + } else { + $users = $this->manager->getByEmail($user); + $isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password)); + } + + if (!$isValidEmailLogin) { $this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password); return false; } |