# HG changeset patch # User Andrew Shadura # Date 2016-01-30 16:36:26 # Node ID 2c3941817a8eb4f0d21e81692cc22cb0982c3797 # Parent 5bd63512505e0503aea2b7547c2a704fc63a8c3d auth: authenticate using either username or email address Use User.get_by_username_or_email() in get_user. In authenticate(), update username if get_user succeeds. The point of this change is that the web login is a complex thing that includes, apart the authentication itself, form validation and a bunch of other things. This change on its own makes it possible to authenticate a user using its email address, but that on its own isn't enough for web login or git/hg auth. diff --git a/kallithea/lib/auth_modules/__init__.py b/kallithea/lib/auth_modules/__init__.py --- a/kallithea/lib/auth_modules/__init__.py +++ b/kallithea/lib/auth_modules/__init__.py @@ -139,8 +139,8 @@ class KallitheaAuthPluginBase(object): log.debug('Trying to fetch user `%s` from Kallithea database', username) if username: - user = User.get_by_username(username) - if not user: + user = User.get_by_username_or_email(username) + if user is None: log.debug('Fallback to fetch user in case insensitive mode') user = User.get_by_username(username, case_insensitive=True) else: @@ -395,8 +395,15 @@ def authenticate(username, password, env else: log.debug('Plugin %s accepted user `%s` for authentication', module, user) + # The user might have tried to authenticate using their email address, + # then the username variable wouldn't contain a valid username. + # But as the plugin has accepted the user, .username field should + # have a valid username, so use it for authentication purposes. + if user is not None: + username = user.username log.info('Authenticating user using %s plugin', plugin.__module__) + # _authenticate is a wrapper for .auth() method of plugin. # it checks if .auth() sends proper data. For KallitheaExternalAuthPlugin # it also maps users to Database and maps the attributes returned