From 7ed011745a544873f40f806f1803cb8a4998ba01 Mon Sep 17 00:00:00 2001
From: Chris
Date: Thu, 26 Oct 2017 14:21:22 -0500
Subject: Remove more global refs / state (#7723)
* remove more global refs / state
* fix job enterprise initialization
* fix api4 test compilation
* saml api endpoints fix
---
app/authentication.go | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
(limited to 'app/authentication.go')
diff --git a/app/authentication.go b/app/authentication.go
index 7aae48b97..809c2e6c7 100644
--- a/app/authentication.go
+++ b/app/authentication.go
@@ -25,7 +25,7 @@ func (a *App) CheckPasswordAndAllCriteria(user *model.User, password string, mfa
 // This to be used for places we check the users password when they are already logged in
 func (a *App) doubleCheckPassword(user *model.User, password string) *model.AppError {
- if err := checkUserLoginAttempts(user); err != nil {
+ if err := checkUserLoginAttempts(user, *a.Config().ServiceSettings.MaximumLoginAttempts); err != nil {
 return err
 }
@@ -83,15 +83,15 @@ func (a *App) CheckUserAdditionalAuthenticationCriteria(user *model.User, mfaTok
 return err
 }
- if err := checkEmailVerified(user); err != nil {
- return err
+ if !user.EmailVerified && a.Config().EmailSettings.RequireEmailVerification {
+ return model.NewAppError("Login", "api.user.login.not_verified.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized)
 }
 if err := checkUserNotDisabled(user); err != nil {
 return err
 }
- if err := checkUserLoginAttempts(user); err != nil {
+ if err := checkUserLoginAttempts(user, *a.Config().ServiceSettings.MaximumLoginAttempts); err != nil {
 return err
 }
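Review bot: The new argument `*a.Config().ServiceSettings.MaximumLoginAttempts` in doubleCheckPassword dereferences a pointer setting with no nil guard, and the same expression is repeated in CheckUserAdditionalAuthenticationCriteria in the second hunk. If that field can ever be unset, the password re-check path panics instead of returning an AppError; whether defaults always populate it is not visible in this diff. A short comment at one call site stating the invariant, such as `// MaximumLoginAttempts is non-nil once config defaults are applied`, would make the assumption reviewable. doubleCheckPassword continues past the end of the hunk.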
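Review bot: CheckUserAdditionalAuthenticationCriteria now calls `a.Config()` twice, once for `EmailSettings.RequireEmailVerification` and once for `ServiceSettings.MaximumLoginAttempts`, so the two policy checks are not guaranteed to run against the same configuration if it can be swapped between the calls (presumably on reload; not visible here). Reading it once with `cfg := a.Config()` and using `cfg.EmailSettings.RequireEmailVerification` and `*cfg.ServiceSettings.MaximumLoginAttempts` keeps one login decision on one snapshot. The inlined verification branch also lost the name that checkEmailVerified gave it, so a one-line comment such as `// Reject unverified accounts when the server requires email verification.` would help. The function starts and ends outside this hunk.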
@@ -116,21 +116,14 @@ func (a *App) CheckUserMfa(user *model.User, token string) *model.AppError {
 return nil
 }
-func checkUserLoginAttempts(user *model.User) *model.AppError {
- if user.FailedAttempts >= *utils.Cfg.ServiceSettings.MaximumLoginAttempts {
+func checkUserLoginAttempts(user *model.User, max int) *model.AppError {
+ if user.FailedAttempts >= max {
 return model.NewAppError("checkUserLoginAttempts", "api.user.check_user_login_attempts.too_many.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized)
 }
 return nil
 }
-func checkEmailVerified(user *model.User) *model.AppError {
- if !user.EmailVerified && utils.Cfg.EmailSettings.RequireEmailVerification {
- return model.NewAppError("Login", "api.user.login.not_verified.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized)
- }
- return nil
-}
-
 func checkUserNotDisabled(user *model.User) *model.AppError {
 if user.DeleteAt > 0 {
 return model.NewAppError("Login", "api.user.login.inactive.app_error", nil, "user_id="+user.Id, http.StatusUnauthorized)
--
cgit v1.2.3-1-g7c22
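Review bot: checkUserLoginAttempts now takes the lockout threshold as `max int`, but nothing documents or checks its range, and with `max` at 0 or below `user.FailedAttempts >= max` holds even when FailedAttempts is 0, so a misconfigured threshold rejects every user. Whether config validation already enforces a positive value is not visible here; a doc comment would state the contract: `// checkUserLoginAttempts returns an error once user.FailedAttempts has reached max; max is expected to be positive.` Naming the parameter `maxAttempts` would also avoid shadowing the `max` builtin on current Go toolchains.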