feat(auth): allow logging in with either username or email address

This commit is contained in:
Tyler Renelle 2014-09-02 12:23:29 -06:00
parent 2fc0f24c19
commit 772ea500a3
2 changed files with 7 additions and 6 deletions

View file

@ -128,15 +128,16 @@ api.loginLocal = function(req, res, next) {
var username = req.body.username;
var password = req.body.password;
if (!(username && password)) return res.json(401, {err:'Missing :username or :password in request body, please provide both'});
User.findOne({'auth.local.username': username}, {auth:1}, function(err, user){
var login = validator.isEmail(username) ? {'auth.local.email':username} : {'auth.local.username':username};
User.findOne(login, {auth:1}, function(err, user){
if (err) return next(err);
if (!user) return res.json(401, {err:"Username or password incorrect. Click 'Forgot Password' for help with either. (Note: usernames are case-sensitive)"});
if (user.auth.blocked) return res.json(401, accountSuspended(user._id));
// We needed the whole user object first so we can get his salt to encrypt password comparison
User.findOne({
'auth.local.username': username,
'auth.local.hashed_password': utils.encryptPassword(password, user.auth.local.salt)
}, function(err, user){
User.findOne({$and:[login,
{'auth.local.hashed_password': utils.encryptPassword(password, user.auth.local.salt)}
]}
, function(err, user){
if (err) return next(err);
if (!user) return res.json(401,{err:"Username or password incorrect. Click 'Forgot Password' for help with either. (Note: usernames are case-sensitive)"});
res.json({id: user._id,token: user.apiToken});

View file

@ -17,7 +17,7 @@ script(id='modals/login.html', type='text/ng-template')
.tab-pane.active#login-tab
form(ng-submit='auth()', method='POST')
.form-group
input.form-control(type='text', ng-model='loginUsername', placeholder=env.t('username'), name='username')
input.form-control(type='text', ng-model='loginUsername', placeholder=env.t('username')+' or Email', name='username')
.form-group
input.form-control(type='password', ng-model='loginPassword', placeholder=env.t('password'), name='password')
//-.control-group