mirror of
https://github.com/correl/mage.git
synced 2024-11-28 19:19:55 +00:00
Do not register users and connect users without passwords when authentication is not activated.
This commit is contained in:
parent
4eb9719769
commit
3bc8f4bec2
1 changed files with 9 additions and 3 deletions
|
@ -75,6 +75,9 @@ public class Session {
|
||||||
}
|
}
|
||||||
|
|
||||||
public String registerUser(String userName, String password, String email) throws MageException {
|
public String registerUser(String userName, String password, String email) throws MageException {
|
||||||
|
if (!ConfigSettings.getInstance().isAuthenticationActivated()) {
|
||||||
|
return "Registration is disabled by the server config.";
|
||||||
|
}
|
||||||
synchronized(AuthorizedUserRepository.instance) {
|
synchronized(AuthorizedUserRepository.instance) {
|
||||||
String returnMessage = validateUserName(userName);
|
String returnMessage = validateUserName(userName);
|
||||||
if (returnMessage != null) {
|
if (returnMessage != null) {
|
||||||
|
@ -140,9 +143,12 @@ public class Session {
|
||||||
|
|
||||||
public String connectUserHandling(String userName, String password) throws MageException {
|
public String connectUserHandling(String userName, String password) throws MageException {
|
||||||
this.isAdmin = false;
|
this.isAdmin = false;
|
||||||
AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.get(userName);
|
|
||||||
if (authorizedUser == null || !authorizedUser.doCredentialsMatch(userName, password)) {
|
if (ConfigSettings.getInstance().isAuthenticationActivated()) {
|
||||||
return "Wrong username or password";
|
AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.get(userName);
|
||||||
|
if (authorizedUser == null || !authorizedUser.doCredentialsMatch(userName, password)) {
|
||||||
|
return "Wrong username or password";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
User user = UserManager.getInstance().createUser(userName, host);
|
User user = UserManager.getInstance().createUser(userName, host);
|
||||||
|
|
Loading…
Reference in a new issue