From 0017137d0beb0d58c3bc0896988c9b0c00ebe9b4 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Wed, 20 Mar 2024 17:05:41 +0100 Subject: [PATCH] allow login by email if turned on in configuration --- inc/inc.ClassDbAuthentication.php | 5 +++++ inc/inc.ClassSettings.php | 4 ++++ op/op.Settings.php | 1 + views/bootstrap/class.Settings.php | 1 + 4 files changed, 11 insertions(+) diff --git a/inc/inc.ClassDbAuthentication.php b/inc/inc.ClassDbAuthentication.php index 2d65e8516..0c7eaad4f 100644 --- a/inc/inc.ClassDbAuthentication.php +++ b/inc/inc.ClassDbAuthentication.php @@ -47,6 +47,11 @@ class SeedDMS_DbAuthentication extends SeedDMS_Authentication { if($user = $dms->getUserByLogin($username)) { $userid = $user->getID(); + // Check if password matches + if (!seed_pass_verify($password, $user->getPwd())) { + $user = null; + } + } elseif(!empty($this->settings->_enableLoginByEmail) && ($user = $dms->getUserByEmail($username))) { // Check if password matches if (!seed_pass_verify($password, $user->getPwd())) { $user = null; diff --git a/inc/inc.ClassSettings.php b/inc/inc.ClassSettings.php index 39b8ec88e..b0fa9da5e 100644 --- a/inc/inc.ClassSettings.php +++ b/inc/inc.ClassSettings.php @@ -45,6 +45,8 @@ class Settings { /* {{{ */ var $_enableGuestLogin = false; // If you even want guest to be logged in automatically, set the following to true var $_enableGuestAutoLogin = false; + // If you want to allow login by email, set the following to true + var $_enableLoginByEmail = false; // Allow users to reset their password var $_enablePasswordForgotten = false; // Do not allow users to change password @@ -627,6 +629,7 @@ class Settings { /* {{{ */ $tab = $node[0]->attributes(); $this->_enableGuestLogin = Settings::boolVal($tab["enableGuestLogin"]); $this->_enableGuestAutoLogin = Settings::boolVal($tab["enableGuestAutoLogin"]); + $this->_enableLoginByEmail = Settings::boolVal($tab["enableLoginByEmail"]); $this->_enablePasswordForgotten = Settings::boolVal($tab["enablePasswordForgotten"]); $this->_passwordStrength = intval($tab["passwordStrength"]); $this->_passwordStrengthAlgorithm = strval($tab["passwordStrengthAlgorithm"]); @@ -1011,6 +1014,7 @@ class Settings { /* {{{ */ $node = $this->getXMLNode($xml, '/configuration/system', 'authentication'); $this->setXMLAttributValue($node, "enableGuestLogin", $this->_enableGuestLogin); $this->setXMLAttributValue($node, "enableGuestAutoLogin", $this->_enableGuestAutoLogin); + $this->setXMLAttributValue($node, "enableLoginByEmail", $this->_enableLoginByEmail); $this->setXMLAttributValue($node, "enablePasswordForgotten", $this->_enablePasswordForgotten); $this->setXMLAttributValue($node, "passwordStrength", $this->_passwordStrength); $this->setXMLAttributValue($node, "passwordStrengthAlgorithm", $this->_passwordStrengthAlgorithm); diff --git a/op/op.Settings.php b/op/op.Settings.php index 351d1560b..1ac008924 100644 --- a/op/op.Settings.php +++ b/op/op.Settings.php @@ -193,6 +193,7 @@ if ($action == "saveSettings") // SETTINGS - SYSTEM - AUTHENTICATION setBoolValue("enableGuestLogin"); setBoolValue("enableGuestAutoLogin"); + setBoolValue("enableLoginByEmail"); setBoolValue("restricted"); setBoolValue("enableUserImage"); setBoolValue("disableSelfEdit"); diff --git a/views/bootstrap/class.Settings.php b/views/bootstrap/class.Settings.php index f82a9ac1e..2791c335d 100644 --- a/views/bootstrap/class.Settings.php +++ b/views/bootstrap/class.Settings.php @@ -479,6 +479,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) showConfigHeadline('settings_Authentication'); ?> showConfigCheckbox('settings_enableGuestLogin', 'enableGuestLogin'); ?> showConfigCheckbox('settings_enableGuestAutoLogin', 'enableGuestAutoLogin'); ?> +showConfigCheckbox('settings_enableLoginByEmail', 'enableLoginByEmail'); ?> showConfigCheckbox('settings_restricted', 'restricted'); ?> showConfigCheckbox('settings_enableUserImage', 'enableUserImage'); ?> showConfigCheckbox('settings_disableSelfEdit', 'disableSelfEdit'); ?>