Properly-implemented clients should never try to do this, but if it
is done, this patch prevents it from crashing the core.
Thanks to @chaign_c (https://twitter.com/chaign_c/) for finding this
issue.
if (!checkClientRegistered())
return;
+ if (!Core::isConfigured()) {
+ qWarning() << qPrintable(tr("Client")) << qPrintable(socket()->peerAddress().toString()) << qPrintable(tr("attempted to login before the core was configured, rejecting."));
+ _peer->dispatch(ClientDenied(tr("<b>Attempted to login before core was configured!</b><br>The core must be configured before attempting to login.")));
+ return;
+ }
+
// First attempt local auth using the real username and password.
// If that fails, move onto the auth provider.
UserId uid = Core::validateUser(msg.user, msg.password);