cubicweb: comparison web/views/authentication.py

equal deleted inserted replaced

-:efc6de279644
+:e1d2df3f1091
 login = req.get_authorization()[0]
 try:
 # calling cnx.user() check connection validity, raise
 # BadConnectionId on failure
 user = cnx.user(req)
-if login and user.login != login:
+# check cnx.login and not user.login, since in case of login by
+# email, login and cnx.login are the email while user.login is the
+# actual user login
+if login and cnx.login != login:
 cnx.close()
 raise InvalidSession('login mismatch')
 except BadConnectionId:
 # check if a connection should be automatically restablished
 if (login is None or login == cnx.login):
 raise InvalidSession('bad connection id')
 # associate the connection to the current request
 req.set_connection(cnx, user)
 return cnx
-def login_from_email(self, login):
-# XXX should not be called from web interface
-session = self.repo.internal_session()
-try:
-rset = session.execute('Any L WHERE U login L, U primary_email M, '
-'M address %(login)s', {'login': login})
-if rset.rowcount == 1:
-login = rset[0][0]
-finally:
-session.close()
-return login
 def authenticate(self, req, _login=None, _password=None):
 """authenticate user and return corresponding user object
 :raise ExplicitLogin: if authentication is required (no authentication
 info found or wrong user/password)
 """
 if _login is not None:
 login, password = _login, _password
 else:
 login, password = req.get_authorization()
-if self.vreg.config['allow-email-login'] and '@' in (login or u''):
-login = self.login_from_email(login)
 if not login:
 # No session and no login -> try anonymous
 login, password = self.vreg.config.anonymous_user()
 if not login: # anonymous not authorized
 raise ExplicitLogin()

branch	stable
changeset 2267	e1d2df3f1091
parent 1977	606923dff11b
child 2887	1282dc6525c5
child 4212	ab6573088b4a