Fix a bug when trying to authenticate with a non existing user

7 years ago · 45902ae012
parent baff8dd043
commit 45902ae012
1 changed files with 15 additions and 14 deletions
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@ -37,20 +37,21 @@ def handle_authentication(headers):
        password = urllib.parse.unquote(headers["Auth-Pass"])
        ip = urllib.parse.unquote(headers["Client-Ip"])
        user = models.User.query.get(user_email)
-        for token in user.tokens:
-            if (token.check_password(password) and
-                (not token.ip or token.ip == ip)):
-                    return {
-                        "Auth-Status": "OK",
-                        "Auth-Server": server,
-                        "Auth-Port": port
-                    }
-        if user and user.check_password(password):
-            return {
-                "Auth-Status": "OK",
-                "Auth-Server": server,
-                "Auth-Port": port
-            }
+        if user:
+            for token in user.tokens:
+                if (token.check_password(password) and
+                    (not token.ip or token.ip == ip)):
+                        return {
+                            "Auth-Status": "OK",
+                            "Auth-Server": server,
+                            "Auth-Port": port
+                        }
+            if user.check_password(password):
+                return {
+                    "Auth-Status": "OK",
+                    "Auth-Server": server,
+                    "Auth-Port": port
+                }
        else:
            status, code = get_status(protocol, "authentication")
            return {