diff options
| author | Julius Härtl <jus@bitgrid.net> | 2024-01-11 11:53:09 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-11 11:53:09 +0100 |
| commit | f297de9e6f0bedb7a1073b8a1500e494515b4cd7 (patch) | |
| tree | 9a24fdb135900722642a4f84f27488445ccc000e /lib | |
| parent | 8e96ab96f07a9221ff101b819929169c5b6ad404 (diff) | |
| parent | bc0ab8df52a669a51ea8d7451e4fe20b1a6dfbe1 (diff) | |
| download | nextcloud-server-f297de9e6f0bedb7a1073b8a1500e494515b4cd7.tar.gz nextcloud-server-f297de9e6f0bedb7a1073b8a1500e494515b4cd7.zip | |
Merge pull request #42651 from nextcloud/backport/41927/stable28
[stable28] perf: Use more performant way to obtain and check the email as a login name with token login
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/AllConfig.php | 13 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 13 |
2 files changed, 22 insertions, 4 deletions
diff --git a/lib/private/AllConfig.php b/lib/private/AllConfig.php index 2a0e8f53b14..92178d64635 100644 --- a/lib/private/AllConfig.php +++ b/lib/private/AllConfig.php @@ -32,6 +32,7 @@ */ namespace OC; +use Doctrine\DBAL\Platforms\OraclePlatform; use OCP\Cache\CappedMemoryCache; use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\IConfig; @@ -490,12 +491,15 @@ class AllConfig implements IConfig { $this->fixDIInit(); $qb = $this->connection->getQueryBuilder(); + $configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform) + ? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR) + : 'configvalue'; $result = $qb->select('userid') ->from('preferences') ->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq( - $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR), + $configValueColumn, $qb->createNamedParameter($value, IQueryBuilder::PARAM_STR)) )->orderBy('userid') ->executeQuery(); @@ -524,13 +528,18 @@ class AllConfig implements IConfig { // Email address is always stored lowercase in the database return $this->getUsersForUserValue($appName, $key, strtolower($value)); } + $qb = $this->connection->getQueryBuilder(); + $configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform) + ? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR) + : 'configvalue'; + $result = $qb->select('userid') ->from('preferences') ->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR))) ->andWhere($qb->expr()->eq( - $qb->func()->lower($qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)), + $qb->func()->lower($configValueColumn), $qb->createNamedParameter(strtolower($value), IQueryBuilder::PARAM_STR)) )->orderBy('userid') ->executeQuery(); diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index f3282009a4d..5689de3995f 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -456,8 +456,17 @@ class Session implements IUserSession, Emitter { $this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password); return false; } - $users = $this->manager->getByEmail($user); - if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) { + + if ($isTokenPassword) { + $dbToken = $this->tokenProvider->getToken($password); + $userFromToken = $this->manager->get($dbToken->getUID()); + $isValidEmailLogin = $userFromToken->getEMailAddress() === $user; + } else { + $users = $this->manager->getByEmail($user); + $isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password)); + } + + if (!$isValidEmailLogin) { $this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password); return false; } |