diff options
| author | Chris <ccbrown112@gmail.com> | 2017-10-26 14:21:22 -0500 |
|---|---|---|
| committer | Joram Wilander <jwawilander@gmail.com> | 2017-10-26 15:21:22 -0400 |
| commit | 7ed011745a544873f40f806f1803cb8a4998ba01 (patch) | |
| tree | fe13919b050b33c8dd3f6ca5fce6ad1980b2dd3e /app/authentication.go | |
| parent | a0bfd2885d03e3f9fb6b3cdd6ba60eea93c848b2 (diff) | |
| download | chat-7ed011745a544873f40f806f1803cb8a4998ba01.tar.gz chat-7ed011745a544873f40f806f1803cb8a4998ba01.tar.bz2 chat-7ed011745a544873f40f806f1803cb8a4998ba01.zip | |
Remove more global refs / state (#7723)
* remove more global refs / state
* fix job enterprise initialization
* fix api4 test compilation
* saml api endpoints fix
Diffstat (limited to 'app/authentication.go')
| -rw-r--r-- | app/authentication.go | 19 |
1 files changed, 6 insertions, 13 deletions
diff --git a/app/authentication.go b/app/authentication.go index 7aae48b97..809c2e6c7 100644 --- a/app/authentication.go +++ b/app/authentication.go @@ -25,7 +25,7 @@ func (a *App) CheckPasswordAndAllCriteria(user *model.User, password string, mfa // This to be used for places we check the users password when they are already logged in func (a *App) doubleCheckPassword(user *model.User, password string) *model.AppError { - if err := checkUserLoginAttempts(user); err != nil { + if err := checkUserLoginAttempts(user, *a.Config().ServiceSettings.MaximumLoginAttempts); err != nil { return err } @@ -83,15 +83,15 @@ func (a *App) CheckUserAdditionalAuthenticationCriteria(user *model.User, mfaTok return err } - if err := checkEmailVerified(user); err != nil { - return err + if !user.EmailVerified && a.Config().EmailSettings.RequireEmailVerification { + return model.NewAppError("Login", "api.user.login.not_verified.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized) } if err := checkUserNotDisabled(user); err != nil { return err } - if err := checkUserLoginAttempts(user); err != nil { + if err := checkUserLoginAttempts(user, *a.Config().ServiceSettings.MaximumLoginAttempts); err != nil { return err } @@ -116,21 +116,14 @@ func (a *App) CheckUserMfa(user *model.User, token string) *model.AppError { return nil } -func checkUserLoginAttempts(user *model.User) *model.AppError { - if user.FailedAttempts >= *utils.Cfg.ServiceSettings.MaximumLoginAttempts { +func checkUserLoginAttempts(user *model.User, max int) *model.AppError { + if user.FailedAttempts >= max { return model.NewAppError("checkUserLoginAttempts", "api.user.check_user_login_attempts.too_many.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized) } return nil } -func checkEmailVerified(user *model.User) *model.AppError { - if !user.EmailVerified && utils.Cfg.EmailSettings.RequireEmailVerification { - return model.NewAppError("Login", "api.user.login.not_verified.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized) - } - return nil -} - func checkUserNotDisabled(user *model.User) *model.AppError { if user.DeleteAt > 0 { return model.NewAppError("Login", "api.user.login.inactive.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized) |