upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-20 00:12:30 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 38

Use cached user backend info for password login

Browse source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2021-07-08 16:52:59 +02:00
parent d31456093d
commit 1b8ebf2cf1
No known key found for this signature in database
GPG key ID: 7076EA9751AACDDA
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
lib/private/User/Manager.php
View file

@ -246,7 +246,13 @@ class Manager extends PublicEmitter implements IUserManager {
$loginName = str_replace("\0", '', $loginName);
$password = str_replace("\0", '', $password);
foreach ($this->backends as $backend) {
$cachedBackend = $this->cache->get($loginName);
if ($cachedBackend !== null && isset($this->backends[$cachedBackend])) {
$backends = [$this->backends[$cachedBackend]];
} else {
$backends = $this->backends;
}
foreach ($backends as $backend) {
if ($backend->implementsActions(Backend::CHECK_PASSWORD)) {
$uid = $backend->checkPassword($loginName, $password);
if ($uid !== false) {
@ -257,10 +263,10 @@ class Manager extends PublicEmitter implements IUserManager {
// since http basic auth doesn't provide a standard way of handling non ascii password we allow password to be urlencoded
// we only do this decoding after using the plain password fails to maintain compatibility with any password that happens
// to contains urlencoded patterns by "accident".
// to contain urlencoded patterns by "accident".
$password = urldecode($password);
foreach ($this->backends as $backend) {
foreach ($backends as $backend) {
if ($backend->implementsActions(Backend::CHECK_PASSWORD)) {
$uid = $backend->checkPassword($loginName, $password);
if ($uid !== false) {