fixed bug in EncryptedUserService:
now allowing to login with real name or email Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
This commit is contained in:
@@ -5,7 +5,7 @@ plugins {
|
|||||||
|
|
||||||
|
|
||||||
group = 'de.srsoftware'
|
group = 'de.srsoftware'
|
||||||
version = '1.0-SNAPSHOT'
|
version = '1.0.1'
|
||||||
|
|
||||||
jar.enabled = false
|
jar.enabled = false
|
||||||
build.enabled = false
|
build.enabled = false
|
||||||
|
|||||||
@@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
|
|||||||
}
|
}
|
||||||
for (var encryptedUser : backend.list()) {
|
for (var encryptedUser : backend.list()) {
|
||||||
var decryptedUser = decrypt(encryptedUser);
|
var decryptedUser = decrypt(encryptedUser);
|
||||||
if (!username.equals(decryptedUser.username())) continue;
|
var match = List.of(decryptedUser.username(), decryptedUser.realName(), decryptedUser.email()).contains(username);
|
||||||
if (hasher.matches(password, decryptedUser.hashedPassword())) {
|
if (match && hasher.matches(password, decryptedUser.hashedPassword())) {
|
||||||
this.unlock(username);
|
this.unlock(username);
|
||||||
return Payload.of(decryptedUser);
|
return Payload.of(decryptedUser);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user