don't try login with the same name that just failed
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
parent
4bf292b112
commit
cef195fc48
|
@ -233,13 +233,15 @@ class LoginController extends Controller {
|
||||||
$users = $this->userManager->getByEmail($user);
|
$users = $this->userManager->getByEmail($user);
|
||||||
// we only allow login by email if unique
|
// we only allow login by email if unique
|
||||||
if (count($users) === 1) {
|
if (count($users) === 1) {
|
||||||
|
$previousUser = $user;
|
||||||
$user = $users[0]->getUID();
|
$user = $users[0]->getUID();
|
||||||
$loginResult = $this->userManager->checkPassword($user, $password);
|
if($user !== $previousUser) {
|
||||||
} else {
|
$loginResult = $this->userManager->checkPassword($user, $password);
|
||||||
$this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($loginResult === false) {
|
if ($loginResult === false) {
|
||||||
|
$this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
|
||||||
// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
|
// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
|
||||||
$args = !is_null($user) ? ['user' => $originalUser] : [];
|
$args = !is_null($user) ? ['user' => $originalUser] : [];
|
||||||
if (!is_null($redirect_url)) {
|
if (!is_null($redirect_url)) {
|
||||||
|
|
Loading…
Reference in New Issue