Adds ability to login with email when provided as username (#4420)

2017-12-12 08:49:45 -05:00
parent 8fd5f31089
commit bad217911c
2 changed files with 69 additions and 2 deletions
--- a/src/Routers/UsersRouter.js
+++ b/src/Routers/UsersRouter.js
@@ -84,13 +84,26 @@ export class UsersRouter extends ClassesRouter {

    let user;
    let isValidPassword = false;
-    const query = Object.assign({}, username ? { username } : {}, email ? { email } : {});
+    let query;
+    if (email && username) {
+      query = { email, username };
+    } else if (email) {
+      query = { email };
+    } else {
+      query = { $or: [{ username } , { email: username }] };
+    }
    return req.config.database.find('_User', query)
      .then((results) => {
        if (!results.length) {
          throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Invalid username/password.');
        }
-        user = results[0];
+
+        if (results.length > 1) { // corner case where user1 has username == user2 email
+          req.config.loggerController.warn('There is a user which email is the same as another user\'s username, logging in based on username');
+          user = results.filter((user) =>  user.username === username)[0];
+        } else {
+          user = results[0];
+        }

        if (req.config.verifyUserEmails && req.config.preventLoginWithUnverifiedEmail && !user.emailVerified) {
          throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, 'User email is not verified.');