Merge pull request #41927 from nextcloud/perf/login-with-email-token

2 years ago · 6c52242fb1
parent 991f52971a 0ccf84bb31
commit 6c52242fb1
5 changed files with 38 additions and 5 deletions
--- a/core/Application.php
+++ b/core/Application.php
@ -44,6 +44,7 @@ use OC\Authentication\Listeners\UserDeletedWebAuthnCleanupListener;
 use OC\Authentication\Notifications\Notifier as AuthenticationNotifier;
 use OC\Core\Listener\BeforeTemplateRenderedListener;
 use OC\Core\Notification\CoreNotifier;
+use OC\SystemConfig;
 use OC\TagManager;
 use OCP\AppFramework\App;
 use OCP\AppFramework\Http\Events\BeforeLoginTemplateRenderedEvent;
@ -81,6 +82,7 @@ class Application extends App {
 		$notificationManager->registerNotifierService(AuthenticationNotifier::class);

 		$eventDispatcher->addListener(AddMissingIndicesEvent::class, function (AddMissingIndicesEvent $event) {
+			$dbType = $this->getContainer()->get(SystemConfig::class)->getSystemValue('dbtype', 'sqlite');
 			$event->addMissingIndex(
 				'share',
 				'share_with_index',
@ -237,6 +239,15 @@ class Application extends App {
 				['appid', 'configkey']
 			);

+			if ($dbType !== 'oci') {
+				$event->addMissingIndex(
+					'preferences',
+					'preferences_configvalue',
+					['configvalue'],
+					['lengths' => [80]]
+				);
+			}
+
 			$event->addMissingIndex(
 				'mounts',
 				'mounts_class_index',
--- a/core/Migrations/Version13000Date20170718121200.php
+++ b/core/Migrations/Version13000Date20170718121200.php
@ -31,6 +31,7 @@
 */
 namespace OC\Core\Migrations;

+use Doctrine\DBAL\Platforms\OraclePlatform;
 use Doctrine\DBAL\Platforms\PostgreSQL94Platform;
 use OCP\DB\ISchemaWrapper;
 use OCP\DB\Types;
@ -332,6 +333,9 @@ class Version13000Date20170718121200 extends SimpleMigrationStep {
 			]);
 			$table->setPrimaryKey(['userid', 'appid', 'configkey']);
 			$table->addIndex(['appid', 'configkey'], 'preferences_app_key');
+			if (!$this->connection->getDatabasePlatform() instanceof OraclePlatform) {
+				$table->addIndex(['configvalue'], 'preferences_configvalue', [], ['lengths' => [80]]);
+			}
 		}

 		if (!$schema->hasTable('properties')) {
--- a/lib/private/AllConfig.php
+++ b/lib/private/AllConfig.php
@ -32,6 +32,7 @@
 */
 namespace OC;

+use Doctrine\DBAL\Platforms\OraclePlatform;
 use OCP\Cache\CappedMemoryCache;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IConfig;
@ -490,12 +491,15 @@ class AllConfig implements IConfig {
 		$this->fixDIInit();

 		$qb = $this->connection->getQueryBuilder();
+		$configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform)
+			? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)
+			: 'configvalue';
 		$result = $qb->select('userid')
 			->from('preferences')
 			->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR)))
 			->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR)))
 			->andWhere($qb->expr()->eq(
-				$qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR),
+				$configValueColumn,
 				$qb->createNamedParameter($value, IQueryBuilder::PARAM_STR))
 			)->orderBy('userid')
 			->executeQuery();
@ -524,13 +528,18 @@ class AllConfig implements IConfig {
 			// Email address is always stored lowercase in the database
 			return $this->getUsersForUserValue($appName, $key, strtolower($value));
 		}
+
 		$qb = $this->connection->getQueryBuilder();
+		$configValueColumn = ($this->connection->getDatabasePlatform() instanceof OraclePlatform)
+			? $qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)
+			: 'configvalue';
+
 		$result = $qb->select('userid')
 			->from('preferences')
 			->where($qb->expr()->eq('appid', $qb->createNamedParameter($appName, IQueryBuilder::PARAM_STR)))
 			->andWhere($qb->expr()->eq('configkey', $qb->createNamedParameter($key, IQueryBuilder::PARAM_STR)))
 			->andWhere($qb->expr()->eq(
-				$qb->func()->lower($qb->expr()->castColumn('configvalue', IQueryBuilder::PARAM_STR)),
+				$qb->func()->lower($configValueColumn),
 				$qb->createNamedParameter(strtolower($value), IQueryBuilder::PARAM_STR))
 			)->orderBy('userid')
 			->executeQuery();
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@ -456,8 +456,17 @@ class Session implements IUserSession, Emitter {
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}
-			$users = $this->manager->getByEmail($user);
-			if (!(\count($users) === 1 && $this->login($users[0]->getUID(), $password))) {
+
+			if ($isTokenPassword) {
+				$dbToken = $this->tokenProvider->getToken($password);
+				$userFromToken = $this->manager->get($dbToken->getUID());
+				$isValidEmailLogin = $userFromToken->getEMailAddress() === $user;
+			} else {
+				$users = $this->manager->getByEmail($user);
+				$isValidEmailLogin = (\count($users) === 1 && $this->login($users[0]->getUID(), $password));
+			}
+
+			if (!$isValidEmailLogin) {
 				$this->handleLoginFailed($throttler, $currentDelay, $remoteAddress, $user, $password);
 				return false;
 			}
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@ -1110,7 +1110,7 @@ class SessionTest extends \Test\TestCase {

 		$userSession->expects($this->once())
 			->method('isTokenPassword')
-			->willReturn(true);
+			->willReturn(false);
 		$userSession->expects($this->once())
 			->method('login')
 			->with('john@foo.bar', 'I-AM-AN-PASSWORD')