spacefreak/user_sql
1
0
Fork 0
Code Pull Requests Activity

Issue#74 Case (in)sensitive login

Browse Source
This commit is contained in:
Marcin Łojewski
2018-10-28 17:40:12 +01:00
parent 9ab6df0f76
commit 0905096612
8 changed files with 29 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
- Whirlpool hash algorithm - Whirlpool hash algorithm
- 'Prepend salt' toggle - 'Prepend salt' toggle
- Drupal 7 hash algorithm - Drupal 7 hash algorithm
- Case-insensitive username option
### Fixed ### Fixed
- Error when 'Display name' not set - Error when 'Display name' not set
- Encoding of iteration for 'Extended DES (Crypt)' - Encoding of iteration for 'Extended DES (Crypt)'

1
README.md
View File

@@ -49,6 +49,7 @@ Name | Description | Details
--- | --- | --- --- | --- | ---
**Allow display name change** | With this option enabled user can change its display name. The display name change is propagated to the database. | Optional.<br/>Default: false.<br/>Requires: user *Display name* column. **Allow display name change** | With this option enabled user can change its display name. The display name change is propagated to the database. | Optional.<br/>Default: false.<br/>Requires: user *Display name* column.
**Allow password change** | Can user change its password. The password change is propagated to the database. See [Hash algorithms](#hash-algorithms). | Optional.<br/>Default: false. **Allow password change** | Can user change its password. The password change is propagated to the database. See [Hash algorithms](#hash-algorithms). | Optional.<br/>Default: false.
**Case-insensitive username** | Whether user query should be case-sensitive or case-insensitive. | Optional.<br/>Default: false.
**Use cache** | Use database query results cache. The cache can be cleared any time with the *Clear cache* button click. | Optional.<br/>Default: false. **Use cache** | Use database query results cache. The cache can be cleared any time with the *Clear cache* button click. | Optional.<br/>Default: false.
**Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory. **Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
**Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column. **Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.

6
lib/Backend/UserBackend.php
View File

@@ -292,11 +292,13 @@ final class UserBackend extends ABackend implements
return false; return false;
} }
$user = $this->userRepository->findByUid($uid); $caseSensitive = empty($this->properties[Opt::CASE_INSENSITIVE_USERNAME]);
if (!($user instanceof User)) { $user = $this->userRepository->findByUid($uid, $caseSensitive);
if (!($user instanceof User) || ($caseSensitive && $user->uid !== $uid)) {
return false; return false;
} }
$uid = $user->uid;
$password = $this->addSalt($user, $password); $password = $this->addSalt($user, $password);
$isCorrect = $passwordAlgorithm->checkPassword( $isCorrect = $passwordAlgorithm->checkPassword(

1
lib/Constant/Opt.php
View File

@@ -28,6 +28,7 @@ namespace OCA\UserSQL\Constant;
*/ */
final class Opt final class Opt
{ {
const CASE_INSENSITIVE_USERNAME = "opt.case_insensitive_username";
const CRYPTO_CLASS = "opt.crypto_class"; const CRYPTO_CLASS = "opt.crypto_class";
const EMAIL_SYNC = "opt.email_sync"; const EMAIL_SYNC = "opt.email_sync";
const HOME_LOCATION = "opt.home_location"; const HOME_LOCATION = "opt.home_location";

1
lib/Constant/Query.php
View File

@@ -35,6 +35,7 @@ final class Query
const FIND_GROUP_USERS = "find_group_users"; const FIND_GROUP_USERS = "find_group_users";
const FIND_GROUPS = "find_groups"; const FIND_GROUPS = "find_groups";
const FIND_USER = "find_user"; const FIND_USER = "find_user";
const FIND_USER_CASE_INSENSITIVE = "find_user_case_insensitive";
const FIND_USER_GROUPS = "find_user_groups"; const FIND_USER_GROUPS = "find_user_groups";
const FIND_USERS = "find_users"; const FIND_USERS = "find_users";
const UPDATE_DISPLAY_NAME = "update_display_name"; const UPDATE_DISPLAY_NAME = "update_display_name";

5
lib/Query/QueryProvider.php
View File

@@ -144,6 +144,11 @@ class QueryProvider implements \ArrayAccess
"FROM $user " . "FROM $user " .
"WHERE $uUID = :$uidParam", "WHERE $uUID = :$uidParam",
Query::FIND_USER_CASE_INSENSITIVE =>
"SELECT $userColumns, $uPassword AS password " .
"FROM $user " .
"WHERE lower($uUID) = lower(:$uidParam)",
Query::FIND_USER_GROUPS => Query::FIND_USER_GROUPS =>
"SELECT $groupColumns " . "SELECT $groupColumns " .
"FROM $group, $userGroup " . "FROM $group, $userGroup " .

20
lib/Repository/UserRepository.php
View File

@@ -53,18 +53,26 @@ class UserRepository
} }
/** /**
* Get a user entity object. * Get an user entity object.
* *
* @param string $uid The user ID. * @param string $uid The user ID.
* @param bool $caseSensitive TRUE for case sensitive search,
* FALSE for case insensitive search.
* *
* @return User The user entity, NULL if it does not exists or * @return User The user entity, NULL if it does not exists or
* FALSE on failure. * FALSE on failure.
*/ */
public function findByUid($uid) public function findByUid($uid, $caseSensitive = true)
{ {
return $this->dataQuery->queryEntity( if ($caseSensitive) {
Query::FIND_USER, User::class, [Query::UID_PARAM => $uid] return $this->dataQuery->queryEntity(
); Query::FIND_USER, User::class, [Query::UID_PARAM => $uid]
);
} else {
return $this->dataQuery->queryEntity(
Query::FIND_USER_CASE_INSENSITIVE, User::class, [Query::UID_PARAM => $uid]
);
}
} }
/** /**

3
templates/admin.php
View File

@@ -109,7 +109,8 @@ function print_select_options(
<p class="settings-hint"><?php p($l->t("Here are all currently supported options.")); ?></p> <p class="settings-hint"><?php p($l->t("Here are all currently supported options.")); ?></p>
<fieldset><?php <fieldset><?php
print_checkbox_input($l, "opt-name_change", "Allow display name change", $_["opt.name_change"]); print_checkbox_input($l, "opt-name_change", "Allow display name change", $_["opt.name_change"]);
print_checkbox_input($l, "opt-password_change", "Allow password change", $_["opt.password_change"]); ?> print_checkbox_input($l, "opt-password_change", "Allow password change", $_["opt.password_change"]);
print_checkbox_input($l, "opt-case_insensitive_username", "Case-insensitive username", $_["opt.case_insensitive_username"]); ?>
<div class="button-right"><?php <div class="button-right"><?php
print_checkbox_input($l, "opt-use_cache", "Use cache", $_["opt.use_cache"], false); ?> print_checkbox_input($l, "opt-use_cache", "Use cache", $_["opt.use_cache"], false); ?>
<input type="submit" id="user_sql-clear_cache" value="<?php p($l->t("Clear cache")); ?>"> <input type="submit" id="user_sql-clear_cache" value="<?php p($l->t("Clear cache")); ?>">