Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

auth: Move checks for password_auth_enabled earlier. 

This way, we don't attempt to evaluate whether the user's account is
active (etc.) until after we've checked the backend is enabled.  This
won't change the result of actual auth, but feels more readable.
This commit is contained in:
Tim Abbott 2017-11-21 12:39:56 -08:00
parent 3bfb19b5f3
commit 8c21619be8
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
zproject/backends.py
View File

@ -345,10 +345,6 @@ class EmailAuthBackend(ZulipAuthMixin):
raise AssertionError("Invalid call to authenticate for EmailAuthBackend")
if realm is None:
return None
user_profile = common_get_active_user_by_email(username, return_data=return_data)
if user_profile is None:
return None
if not password_auth_enabled(realm):
if return_data is not None:
return_data['password_auth_disabled'] = True
@ -357,6 +353,10 @@ class EmailAuthBackend(ZulipAuthMixin):
if return_data is not None:
return_data['email_auth_disabled'] = True
return None
user_profile = common_get_active_user_by_email(username, return_data=return_data)
if user_profile is None:
return None
if user_profile.check_password(password):
if not user_matches_subdomain(realm.subdomain, user_profile):
if return_data is not None: