fix: Move login via email logic to local backend

Backends can decide which names they accept for login, e.g. with user_ldap you can configure arbitrary login fields. This was a hacky approach to allow login via email, so instead this is now only handled by the local user backend. This also fixes some other related problems: Other logic relys on `backend::get()` which was not handling email, so e.g. password policy could not block users logged in via email if they use out-dated passwords. Similar for other integrations, as the user backend was not consistent with what is a login name and what not. Signed-off-by: Ferdinand Thiessen <[email protected]>
nextcloud · Jan 18, 2025 · e7fc0bd · e7fc0bd
1 parent 0d3edd2
commit e7fc0bd
Show file tree

Hide file tree

Showing 5 changed files with 137 additions and 182 deletions.
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
@@ -1076,7 +1076,6 @@
     'OC\\Authentication\\Login\\ClearLostPasswordTokensCommand' => $baseDir . '/lib/private/Authentication/Login/ClearLostPasswordTokensCommand.php',
     'OC\\Authentication\\Login\\CompleteLoginCommand' => $baseDir . '/lib/private/Authentication/Login/CompleteLoginCommand.php',
     'OC\\Authentication\\Login\\CreateSessionTokenCommand' => $baseDir . '/lib/private/Authentication/Login/CreateSessionTokenCommand.php',
-    'OC\\Authentication\\Login\\EmailLoginCommand' => $baseDir . '/lib/private/Authentication/Login/EmailLoginCommand.php',
     'OC\\Authentication\\Login\\FinishRememberedLoginCommand' => $baseDir . '/lib/private/Authentication/Login/FinishRememberedLoginCommand.php',
     'OC\\Authentication\\Login\\LoggedInCheckCommand' => $baseDir . '/lib/private/Authentication/Login/LoggedInCheckCommand.php',
     'OC\\Authentication\\Login\\LoginData' => $baseDir . '/lib/private/Authentication/Login/LoginData.php',

diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
@@ -1125,7 +1125,6 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OC\\Authentication\\Login\\ClearLostPasswordTokensCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/ClearLostPasswordTokensCommand.php',
         'OC\\Authentication\\Login\\CompleteLoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/CompleteLoginCommand.php',
         'OC\\Authentication\\Login\\CreateSessionTokenCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/CreateSessionTokenCommand.php',
-        'OC\\Authentication\\Login\\EmailLoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/EmailLoginCommand.php',
         'OC\\Authentication\\Login\\FinishRememberedLoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/FinishRememberedLoginCommand.php',
         'OC\\Authentication\\Login\\LoggedInCheckCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/LoggedInCheckCommand.php',
         'OC\\Authentication\\Login\\LoginData' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/LoginData.php',

diff --git a/lib/private/Authentication/Login/Chain.php b/lib/private/Authentication/Login/Chain.php
@@ -18,9 +18,6 @@ class Chain {
 	/** @var UidLoginCommand */
 	private $uidLoginCommand;
 
-	/** @var EmailLoginCommand */
-	private $emailLoginCommand;
-
 	/** @var LoggedInCheckCommand */
 	private $loggedInCheckCommand;
 
@@ -48,7 +45,6 @@ class Chain {
 	public function __construct(PreLoginHookCommand $preLoginHookCommand,
 		UserDisabledCheckCommand $userDisabledCheckCommand,
 		UidLoginCommand $uidLoginCommand,
-		EmailLoginCommand $emailLoginCommand,
 		LoggedInCheckCommand $loggedInCheckCommand,
 		CompleteLoginCommand $completeLoginCommand,
 		CreateSessionTokenCommand $createSessionTokenCommand,
@@ -61,7 +57,6 @@ public function __construct(PreLoginHookCommand $preLoginHookCommand,
 		$this->preLoginHookCommand = $preLoginHookCommand;
 		$this->userDisabledCheckCommand = $userDisabledCheckCommand;
 		$this->uidLoginCommand = $uidLoginCommand;
-		$this->emailLoginCommand = $emailLoginCommand;
 		$this->loggedInCheckCommand = $loggedInCheckCommand;
 		$this->completeLoginCommand = $completeLoginCommand;
 		$this->createSessionTokenCommand = $createSessionTokenCommand;
@@ -77,7 +72,6 @@ public function process(LoginData $loginData): LoginResult {
 		$chain
 			->setNext($this->userDisabledCheckCommand)
 			->setNext($this->uidLoginCommand)
-			->setNext($this->emailLoginCommand)
 			->setNext($this->loggedInCheckCommand)
 			->setNext($this->completeLoginCommand)
 			->setNext($this->createSessionTokenCommand)

diff --git a/lib/private/Authentication/Login/EmailLoginCommand.php b/lib/private/Authentication/Login/EmailLoginCommand.php