Mercurial > kallithea
changeset 5690:2c3941817a8e
auth: authenticate using either username or email address
Use User.get_by_username_or_email() in get_user.
In authenticate(), update username if get_user succeeds.
The point of this change is that the web login is a complex thing that
includes, apart the authentication itself, form validation and a bunch of
other things.
This change on its own makes it possible to authenticate a user using its email
address, but that on its own isn't enough for web login or git/hg auth.
author | Andrew Shadura <andrew@shadura.me> |
---|---|
date | Sat, 30 Jan 2016 16:36:26 +0100 |
parents | 5bd63512505e |
children | b24e015a4174 |
files | kallithea/lib/auth_modules/__init__.py |
diffstat | 1 files changed, 9 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/lib/auth_modules/__init__.py Sat Jan 30 15:59:33 2016 +0100 +++ b/kallithea/lib/auth_modules/__init__.py Sat Jan 30 16:36:26 2016 +0100 @@ -139,8 +139,8 @@ log.debug('Trying to fetch user `%s` from Kallithea database', username) if username: - user = User.get_by_username(username) - if not user: + user = User.get_by_username_or_email(username) + if user is None: log.debug('Fallback to fetch user in case insensitive mode') user = User.get_by_username(username, case_insensitive=True) else: @@ -395,8 +395,15 @@ else: log.debug('Plugin %s accepted user `%s` for authentication', module, user) + # The user might have tried to authenticate using their email address, + # then the username variable wouldn't contain a valid username. + # But as the plugin has accepted the user, .username field should + # have a valid username, so use it for authentication purposes. + if user is not None: + username = user.username log.info('Authenticating user using %s plugin', plugin.__module__) + # _authenticate is a wrapper for .auth() method of plugin. # it checks if .auth() sends proper data. For KallitheaExternalAuthPlugin # it also maps users to Database and maps the attributes returned