Fix a bug when trying to authenticate with a non existing user

7 years ago · 45902ae012
parent baff8dd043
commit 45902ae012
1 changed files with 15 additions and 14 deletions
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@ -37,6 +37,7 @@ def handle_authentication(headers):
        password = urllib.parse.unquote(headers["Auth-Pass"])
        ip = urllib.parse.unquote(headers["Client-Ip"])
        user = models.User.query.get(user_email)
+        if user:
            for token in user.tokens:
                if (token.check_password(password) and
                    (not token.ip or token.ip == ip)):
@ -45,7 +46,7 @@ def handle_authentication(headers):
                            "Auth-Server": server,
                            "Auth-Port": port
                        }
-        if user and user.check_password(password):
+            if user.check_password(password):
                return {
                    "Auth-Status": "OK",
                    "Auth-Server": server,