perf: Use more performant way to obtain and check the email as a logi…

…n name with token login Signed-off-by: Julius Härtl <jus@bitgrid.net>
nextcloud · Nov 30, 2023 · dd98421 · dd98421
1 parent 6e3781b
commit dd98421
Showing 1 changed file with 11 additions and 2 deletions.
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -456,8 +456,17 @@ public function logClientIn($user,
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}
-			$users = $this->manager->getByEmail($user);
-			if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
+
+			if ($isTokenPassword) {
+				$dbToken = $this->tokenProvider->getToken($password);
+				$userFromToken = $this->manager->get($dbToken->getUID());
+				$isValidEmailLogin = $userFromToken->getEMailAddress() === $user;
+			} else {
+				$users = $this->manager->getByEmail($user);
+				$isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password));
+			}
+
+			if (!$isValidEmailLogin) {
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}