sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

perf: Use more performant way to obtain and check the email as a login name with token login 

Signed-off-by: Julius Härtl <jus@bitgrid.net>
pull/41927/head
Julius Härtl 2023-11-30 11:46:54 +07:00
parent e0d1e7cbf8
commit a3a343ce41
No known key found for this signature in database
GPG Key ID: 4C614C6ED2CDE6DF
2 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/private/User/Session.php
Unescape Escape View File

@ -456,8 +456,17 @@ class Session implements IUserSession, Emitter {
$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
return false;
}
if ($isTokenPassword) {
$dbToken = $this->tokenProvider->getToken($password);
$userFromToken = $this->manager->get($dbToken->getUID());
$isValidEmailLogin = $userFromToken->getEMailAddress() === $user;
} else {
$users = $this->manager->getByEmail($user);
if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
$isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password));
}
if (!$isValidEmailLogin) {
$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
return false;
}

2
tests/lib/User/SessionTest.php
Unescape Escape View File

@ -1110,7 +1110,7 @@ class SessionTest extends \Test\TestCase {
$userSession->expects($this->once())
->method('isTokenPassword')
->willReturn(true);
->willReturn(false);
$userSession->expects($this->once())
->method('login')
->with('john@foo.bar', 'I-AM-AN-PASSWORD')