upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Merge pull request #51252 from nextcloud/backport/50989/stable30

Browse source 
[stable30] fix: Use case insensitive check when validating login name
This commit is contained in:
Andy Scherzinger 2025-03-05 17:48:25 +01:00 committed by GitHub
commit 7bbeae4c3c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/private/User/Session.php
View file

@ -779,7 +779,7 @@ class Session implements IUserSession, Emitter {
* Check if login names match
*/
private function validateTokenLoginName(?string $loginName, IToken $token): bool {
if ($token->getLoginName() !== $loginName) {
if (mb_strtolower($token->getLoginName()) !== mb_strtolower($loginName ?? '')) {
// TODO: this makes it impossible to use different login names on browser and client
// e.g. login by e-mail 'user@example.com' on browser for generating the token will not
// allow to use the client token with the login name 'user'.