eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[TESTS][Security] Fix SecurityTest. Remove nickname normalization on register (a plugin can handle that). Move from filter_var(FILTER_VALIDATE_EMAIL) as it does not support dotless domains

Browse Source
This commit is contained in:
Hugo Sales
2021-11-14 23:15:24 +00:00
parent bf5ffe7d3d
commit eab6de3609
7 changed files with 62 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Security/Authenticator.php
View File

@@ -25,8 +25,10 @@ use function App\Core\I18n\_m;
use App\Core\Router\Router;
use App\Entity\LocalUser;
use App\Entity\User;
use App\Util\Common;
use App\Util\Exception\NoSuchActorException;
use App\Util\Exception\NotFoundException;
use App\Util\Nickname;
use Stringable;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
@@ -99,9 +101,9 @@ class Authenticator extends AbstractFormLoginAuthenticator
}
$user = null;
try {
if (filter_var($credentials['nickname_or_email'], \FILTER_VALIDATE_EMAIL) !== false) {
if (Common::isValidEmail($credentials['nickname_or_email'])) {
$user = LocalUser::getByEmail($credentials['nickname_or_email']);
} else {
} elseif (Nickname::isValid($credentials['nickname_or_email'])) {
$user = LocalUser::getByNickname($credentials['nickname_or_email']);
}
if ($user === null) {