[EmailAuthentication] Check if e-mail with filter_var

This commit is contained in:
Alexei Sorokin 2020-08-09 20:35:31 +03:00
parent f84dbb369f
commit 042e4b070c

View File

@ -1,47 +1,53 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* StatusNet, the distributed open-source microblogging tool
*
* Plugin that uses the email address as a username, and checks the password as normal
*
* PHP version 5
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugin
* @package StatusNet
* @package GNUsocial
* @author Craig Andrews <candrews@integralblue.com>
* @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
if (!defined('GNUSOCIAL')) { exit(1); }
defined('GNUSOCIAL') || die();
class EmailAuthenticationPlugin extends Plugin
{
const PLUGIN_VERSION = '2.0.0';
// $nickname for this plugin is the user's email address
function onStartCheckPassword($nickname, $password, &$authenticatedUser)
{
if (!strpos($nickname, '@')) {
public function onStartCheckPassword(
string $nickname,
string $password,
string &$authenticatedUser
): bool {
$email = filter_var(
$nickname,
FILTER_VALIDATE_EMAIL,
['flags' => FILTER_FLAG_EMAIL_UNICODE]
);
if ($email === false) {
return true;
}
$user = User::getKV('email', $nickname);
if ($user instanceof User && $user->email === $nickname) {
$user = User::getKV('email', $email);
if ($user instanceof User && $user->email === $email) {
if (common_check_user($user->nickname, $password)) {
$authenticatedUser = $user;
return false;