summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
Diffstat (limited to 'core')
-rw-r--r--core/Controller/LoginController.php15
1 files changed, 11 insertions, 4 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 7afed6b274a..ba9fc55d451 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -63,9 +63,8 @@ class LoginController extends Controller {
* @param Session $userSession
* @param IURLGenerator $urlGenerator
*/
- function __construct($appName, IRequest $request, IUserManager $userManager,
- IConfig $config, ISession $session, Session $userSession,
- IURLGenerator $urlGenerator) {
+ function __construct($appName, IRequest $request, IUserManager $userManager, IConfig $config, ISession $session,
+ Session $userSession, IURLGenerator $urlGenerator) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->config = $config;
@@ -169,7 +168,15 @@ class LoginController extends Controller {
*/
public function tryLogin($user, $password, $redirect_url) {
// TODO: Add all the insane error handling
- if ($this->userManager->checkPassword($user, $password) === false) {
+ $loginResult = $this->userManager->checkPassword($user, $password) === false;
+ if ($loginResult) {
+ $users = $this->userManager->getByEmail($user);
+ // we only allow login by email if unique
+ if (count($users) === 1) {
+ $loginResult = $this->userManager->checkPassword($users[0]->getUID(), $password);
+ }
+ }
+ if ($loginResult) {
return new RedirectResponse($this->urlGenerator->linkToRoute('login#showLoginForm'));
}
$this->userSession->createSessionToken($this->request, $user, $password);