From: Jonatan Schlag <jonatan.schlag@ipfire.org>
Date: Sun, 29 Oct 2017 12:09:02 +0000 (+0100)
Subject: Add possibility to login via email address
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ba1958a59f41b7118dbbb36344bee597e8169abc;p=pbs.git

Add possibility to login via email address

This patch to login via email address for normal users and for ldap
users. This is for ldap user also possible on the the first login.

Fixes: #11521

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/buildservice/ldap.py b/src/buildservice/ldap.py
index 9f5019e5..44f7c7ca 100644
--- a/src/buildservice/ldap.py
+++ b/src/buildservice/ldap.py
@@ -34,9 +34,9 @@ class LDAP(base.Object):
 	def auth(self, username, password):
 		log.debug("Checking credentials for %s" % username)
 
-		dn = self.get_dn_by_uid(username)
+		dn = self.get_dn(username)
 		if not dn:
-			log.debug("Could not resolve username %s to dn" % username)
+			log.debug("Could not resolve  %s to dn" % username)
 			return False
 
 		return self.bind(dn, password)
@@ -61,9 +61,31 @@ class LDAP(base.Object):
 		log.debug("DN for uid %s is: %s" % (uid, dn))
 		return dn
 
-	def get_user(self, uid, **kwargs):
+	def get_dn_by_mail(self, mail):
+		result = self.search("(&(objectClass=posixAccount)(mail=%s))" % mail, limit=1, attrlist=["uid"])
+
+		for dn, attrs in result:
+			return dn
+
+		log.debug("DN for mail %s is: %s" % (mail, dn))
+		return None
+
+	def get_dn(self, name):
+		return self.get_dn_by_uid(name) or self.get_dn_by_mail(name)
+
+	def get_user_by_mail(self, mail, **kwargs):
+		result = self.search("(&(objectClass=posixAccount)(mail=%s))" % mail, limit=1, **kwargs)
+		for dn, attrs in result:
+			return (dn, attrs)
+
+		return None
+
+	def get_user_by_dn(self, uid, **kwargs):
 		result = self.search("(&(objectClass=posixAccount)(uid=%s))" % uid, limit=1, **kwargs)
 		for dn, attrs in result:
 			return (dn, attrs)
 
-		return (None, None)
\ No newline at end of file
+		return None
+
+	def get_user(self, name, **kwargs):
+		return self.get_user_by_dn(name, **kwargs) or self.get_user_by_mail(name, **kwargs)
diff --git a/src/buildservice/users.py b/src/buildservice/users.py
index 0c43acc7..7c98d4bf 100644
--- a/src/buildservice/users.py
+++ b/src/buildservice/users.py
@@ -150,20 +150,21 @@ class Users(base.Object):
 		if None in (name, password):
 			return
 
-		# Search for the username in the database.
-		# The user must not be deleted and must be activated.
-		user = self._get_user("SELECT * FROM users WHERE name = %s AND \
-			activated IS TRUE AND deleted IS FALSE", name)
+		# usually we will get an email address as name
+		user = self.get_by_email(name) or self.get_by_name(name)
 
-		# If no user could be found, we search for a matching user in
-		# the LDAP database
 		if not user:
+			# If no user could be found, we search for a matching user in
+			# the LDAP database
 			if not self.ldap.auth(name, password):
 				return
 
 			# If a LDAP user is found (and password matches), we will
 			# create a new local user with the information from LDAP.
-			user = self.register_from_ldap(name)
+			user = self.create_from_ldap(name)
+
+		if not user.activated or user.deleted:
+			return
 
 		# Check if the password matches
 		if user.check_password(password):
@@ -440,6 +441,10 @@ class User(base.DataObject):
 	def activated(self):
 		return self.data.activated
 
+	@property
+	def deleted(self):
+		return self.data.deleted
+
 	@property
 	def registered(self):
 		return self.data.registered