Core: only try local auth if a user has the "database" auth provider set

[quassel.git] / src / core / coreauthhandler.cpp

diff --git a/src/core/coreauthhandler.cpp b/src/core/coreauthhandler.cpp
index ee505a7..d8f81ab 100644 (file)
--- a/src/core/coreauthhandler.cpp
+++ b/src/core/coreauthhandler.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-2018 by the Quassel Project                        *
+ *   Copyright (C) 2005-2019 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -228,7 +228,17 @@ void CoreAuthHandler::handle(const Protocol::Login& msg)
 
     // First attempt local auth using the real username and password.
     // If that fails, move onto the auth provider.
-    UserId uid = Core::validateUser(msg.user, msg.password);
+
+    // Check to see if the user has the "Database" authenticator configured.
+    UserId uid = 0;
+    if (Core::getUserAuthenticator(msg.user) == "Database") {
+        uid = Core::validateUser(msg.user, msg.password);
+    }
+
+    // If they did not, *or* if the database login fails, try to use a different authenticator.
+    // TODO: this logic should likely be moved into Core::authenticateUser in the future.
+    // Right now a core can only have one authenticator configured; this might be something
+    // to change in the future.
     if (uid == 0) {
         uid = Core::authenticateUser(msg.user, msg.password);
     }