upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 54

Merge pull request #42654 from nextcloud/backport/42651/stable25

Browse source 
[stable25] perf: Use more performant way to obtain and check the email as a login name with token login
This commit is contained in:
Julius Härtl 2024-01-11 11:53:37 +01:00 committed by GitHub
commit d4a49ed4d7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
lib/private/AllConfig.php
View file

@ -32,6 +32,7 @@
*/
namespace OC;
use Doctrine\DBAL\Platforms\OraclePlatform;
use OCP\Cache\CappedMemoryCache;
use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\IConfig;
@ -490,12 +491,15 @@ class AllConfig implements IConfig {
$this->fixDIInit();
$qb = $this->connection->getQueryBuilder();
$configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform)
? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)
: 'configvalue';
$result = $qb->select('userid')
->from('preferences')
->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR)))
->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR)))
->andWhere($qb->expr()->eq(
$qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR),
$configValueColumn,
$qb->createNamedParameter($value, IQueryBuilder::PARAM_STR))
)->orderBy('userid')
->executeQuery();
@ -524,13 +528,18 @@ class AllConfig implements IConfig {
// Email address is always stored lowercase in the database
return $this->getUsersForUserValue($appName, $key, strtolower($value));
}
$qb = $this->connection->getQueryBuilder();
$configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform)
? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)
: 'configvalue';
$result = $qb->select('userid')
->from('preferences')
->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR)))
->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR)))
->andWhere($qb->expr()->eq(
$qb->func()->lower($qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)),
$qb->func()->lower($configValueColumn),
$qb->createNamedParameter(strtolower($value), IQueryBuilder::PARAM_STR))
)->orderBy('userid')
->executeQuery();

13
lib/private/User/Session.php
View file

@ -456,8 +456,17 @@ class Session implements IUserSession, Emitter {
$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
return false;
}
$users = $this->manager->getByEmail($user);
if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
if ($isTokenPassword) {
$dbToken = $this->tokenProvider->getToken($password);
$userFromToken = $this->manager->get($dbToken->getUID());
$isValidEmailLogin = $userFromToken->getEMailAddress() === $user;
} else {
$users = $this->manager->getByEmail($user);
$isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password));
}
if (!$isValidEmailLogin) {
$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
return false;
}

2
tests/lib/User/SessionTest.php
View file

@ -1118,7 +1118,7 @@ class SessionTest extends \Test\TestCase {
$userSession->expects($this->once())
->method('isTokenPassword')
->willReturn(true);
->willReturn(false);
$userSession->expects($this->once())
->method('login')
->with('john@foo.bar', 'I-AM-AN-PASSWORD')