Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Move login via email logic to local backend #47686

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: Move login via email logic to local backend #47686

wants to merge 1 commit into from
+137 −330

Conversation

susnux
Copy link
Contributor

@susnux susnux commented Sep 2, 2024

Summary

Backends can decide which names they accept for login, e.g. with user_ldap you can configure arbitrary login fields. This was a hacky approach to allow login via email, so instead this is now only handled by the local user backend.

This also fixes some other related problems:
Other logic relys on backend::get() which was not handling email, so e.g. password policy could not block users logged in via email if they use out-dated passwords.
Similar for other integrations, as the user backend was not consistent with what is a login name and what not.

Checklist

@susnux susnux added feature: users and groups technical debt php Pull requests that update Php code 2. developing Work in progress labels Sep 2, 2024
@susnux susnux added this to the Nextcloud 31 milestone Sep 2, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 2, 2024
View reviewed changes
lib/private/User/Database.php Outdated
private function loadUser($uid) {
$this->fixDI();
private function loadUser(string $loginName, bool $tryEmail = true): bool {
$uid = (string)$loginName;

Check failure

Code scanning / Psalm

RedundantCast

Redundant cast to string
lib/private/User/Database.php Outdated
if ($result) {
// Also add cache result for the email
$this->cache[$uid] = [
...$this->cache[$emailUId],

Check failure

Code scanning / Psalm

InvalidOperand

Cannot use spread operator on non-iterable type mixed
@susnux susnux force-pushed the fix/move-email-logic-local-user-backend branch 3 times, most recently from 1b08425 to e7fc0bd Compare January 18, 2025 15:51
@susnux
fix: Move login via email logic to local backend
5536284 
Backends can decide which names they accept for login,
e.g. with user_ldap you can configure arbitrary login fields.
This was a hacky approach to allow login via email,
so instead this is now only handled by the local user backend.

This also fixes some other related problems:
Other logic relys on `backend::get()` which was not handling email,
so e.g. password policy could not block users logged in via email
if they use out-dated passwords.
Similar for other integrations, as the user backend was not consistent with
what is a login name and what not.

Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux susnux force-pushed the fix/move-email-logic-local-user-backend branch from e7fc0bd to 5536284 Compare January 18, 2025 16:14
@susnux susnux marked this pull request as ready for review January 18, 2025 16:47
@susnux susnux added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Jan 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst

@come-nc come-nc Awaiting requested review from come-nc

@blizzz blizzz Awaiting requested review from blizzz

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
3. to review Waiting for reviews feature: users and groups php Pull requests that update Php code technical debt
Projects
None yet
Milestone
Nextcloud 31
1 participant
@susnux