diff options
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/user.rb | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index e97d01a7c..696a2a203 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -156,19 +156,13 @@ class User < Principal login = login.to_s password = password.to_s - # Make sure no one can sign in with an empty password - return nil if password.empty? + # Make sure no one can sign in with an empty login or password + return nil if login.empty? || password.empty? user = find_by_login(login) if user # user is already in local database - return nil if !user.active? - if user.auth_source - # user has an external authentication method - return nil unless user.auth_source.authenticate(login, password) - else - # authentication with local password - return nil unless user.check_password?(password) - end + return nil unless user.active? + return nil unless user.check_password?(password) else # user is not yet registered, try to authenticate with available sources attrs = AuthSource.authenticate(login, password) |