Backport #19261 Unfortunately #18789 disabled autoregistration using email addresses as they would be shortcut to email address does not exist. This PR attempts to restore autoregistration by allowing an unknown email address to percolate through to the autoregistration path of UserSignin. Fix #19256 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
471a1e8111
commit
14a6aafb50
1 changed files with 39 additions and 29 deletions
|
@ -23,19 +23,23 @@ import (
|
||||||
// UserSignIn validates user name and password.
|
// UserSignIn validates user name and password.
|
||||||
func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) {
|
func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) {
|
||||||
var user *user_model.User
|
var user *user_model.User
|
||||||
|
isEmail := false
|
||||||
if strings.Contains(username, "@") {
|
if strings.Contains(username, "@") {
|
||||||
|
isEmail = true
|
||||||
emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))}
|
emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))}
|
||||||
// check same email
|
// check same email
|
||||||
has, err := db.GetEngine(db.DefaultContext).Where("is_activated=?", true).Get(&emailAddress)
|
has, err := db.GetEngine(db.DefaultContext).Get(&emailAddress)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
if !has {
|
if has {
|
||||||
return nil, nil, user_model.ErrEmailAddressNotExist{
|
if !emailAddress.IsActivated {
|
||||||
Email: username,
|
return nil, nil, user_model.ErrEmailAddressNotExist{
|
||||||
|
Email: username,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
user = &user_model.User{ID: emailAddress.UID}
|
||||||
}
|
}
|
||||||
user = &user_model.User{ID: emailAddress.UID}
|
|
||||||
} else {
|
} else {
|
||||||
trimmedUsername := strings.TrimSpace(username)
|
trimmedUsername := strings.TrimSpace(username)
|
||||||
if len(trimmedUsername) == 0 {
|
if len(trimmedUsername) == 0 {
|
||||||
|
@ -45,38 +49,40 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
|
||||||
user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)}
|
user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)}
|
||||||
}
|
}
|
||||||
|
|
||||||
hasUser, err := user_model.GetUser(user)
|
if user != nil {
|
||||||
if err != nil {
|
hasUser, err := user_model.GetUser(user)
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
if hasUser {
|
|
||||||
source, err := auth.GetSourceByID(user.LoginSource)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if !source.IsActive {
|
if hasUser {
|
||||||
return nil, nil, oauth2.ErrAuthSourceNotActived
|
source, err := auth.GetSourceByID(user.LoginSource)
|
||||||
}
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
|
||||||
authenticator, ok := source.Cfg.(PasswordAuthenticator)
|
if !source.IsActive {
|
||||||
if !ok {
|
return nil, nil, oauth2.ErrAuthSourceNotActived
|
||||||
return nil, nil, smtp.ErrUnsupportedLoginType
|
}
|
||||||
}
|
|
||||||
|
|
||||||
user, err := authenticator.Authenticate(user, user.LoginName, password)
|
authenticator, ok := source.Cfg.(PasswordAuthenticator)
|
||||||
if err != nil {
|
if !ok {
|
||||||
return nil, nil, err
|
return nil, nil, smtp.ErrUnsupportedLoginType
|
||||||
}
|
}
|
||||||
|
|
||||||
// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
|
user, err := authenticator.Authenticate(user, user.LoginName, password)
|
||||||
// user could be hint to resend confirm email.
|
if err != nil {
|
||||||
if user.ProhibitLogin {
|
return nil, nil, err
|
||||||
return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
return user, source, nil
|
// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
|
||||||
|
// user could be hint to resend confirm email.
|
||||||
|
if user.ProhibitLogin {
|
||||||
|
return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
|
||||||
|
}
|
||||||
|
|
||||||
|
return user, source, nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sources, err := auth.AllActiveSources()
|
sources, err := auth.AllActiveSources()
|
||||||
|
@ -111,5 +117,9 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if isEmail {
|
||||||
|
return nil, nil, user_model.ErrEmailAddressNotExist{Email: username}
|
||||||
|
}
|
||||||
|
|
||||||
return nil, nil, user_model.ErrUserNotExist{Name: username}
|
return nil, nil, user_model.ErrUserNotExist{Name: username}
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue