Restore user autoregistration with email addresses (#19261)

Unfortunately #18789 disabled autoregistration using email addresses as they would
be shortcut to email address does not exist.

This PR attempts to restore autoregistration by allowing an unknown email address
to percolate through to the autoregistration path of UserSignin.

Fix #19256

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2022-03-31 14:20:25 +01:00 committed by GitHub
parent e28cc79c92
commit f6145a69c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 39 additions and 29 deletions

View File

@ -23,19 +23,23 @@ import (
// UserSignIn validates user name and password.
func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) {
var user *user_model.User
isEmail := false
if strings.Contains(username, "@") {
isEmail = true
emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))}
// check same email
has, err := db.GetEngine(db.DefaultContext).Where("is_activated=?", true).Get(&emailAddress)
has, err := db.GetEngine(db.DefaultContext).Get(&emailAddress)
if err != nil {
return nil, nil, err
}
if !has {
return nil, nil, user_model.ErrEmailAddressNotExist{
Email: username,
if has {
if !emailAddress.IsActivated {
return nil, nil, user_model.ErrEmailAddressNotExist{
Email: username,
}
}
user = &user_model.User{ID: emailAddress.UID}
}
user = &user_model.User{ID: emailAddress.UID}
} else {
trimmedUsername := strings.TrimSpace(username)
if len(trimmedUsername) == 0 {
@ -45,38 +49,40 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)}
}
hasUser, err := user_model.GetUser(user)
if err != nil {
return nil, nil, err
}
if hasUser {
source, err := auth.GetSourceByID(user.LoginSource)
if user != nil {
hasUser, err := user_model.GetUser(user)
if err != nil {
return nil, nil, err
}
if !source.IsActive {
return nil, nil, oauth2.ErrAuthSourceNotActived
}
if hasUser {
source, err := auth.GetSourceByID(user.LoginSource)
if err != nil {
return nil, nil, err
}
authenticator, ok := source.Cfg.(PasswordAuthenticator)
if !ok {
return nil, nil, smtp.ErrUnsupportedLoginType
}
if !source.IsActive {
return nil, nil, oauth2.ErrAuthSourceNotActived
}
user, err := authenticator.Authenticate(user, user.LoginName, password)
if err != nil {
return nil, nil, err
}
authenticator, ok := source.Cfg.(PasswordAuthenticator)
if !ok {
return nil, nil, smtp.ErrUnsupportedLoginType
}
// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
// user could be hint to resend confirm email.
if user.ProhibitLogin {
return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
}
user, err := authenticator.Authenticate(user, user.LoginName, password)
if err != nil {
return nil, nil, err
}
return user, source, nil
// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
// user could be hint to resend confirm email.
if user.ProhibitLogin {
return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
}
return user, source, nil
}
}
sources, err := auth.AllActiveSources()
@ -111,5 +117,9 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro
}
}
if isEmail {
return nil, nil, user_model.ErrEmailAddressNotExist{Email: username}
}
return nil, nil, user_model.ErrUserNotExist{Name: username}
}