Don't do more work than necessary

5 years ago · 58b2cdc428
parent 464e46b02b
commit 58b2cdc428
1 changed files with 8 additions and 5 deletions
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@ -49,11 +49,14 @@ def handle_authentication(headers):
        user = models.User.query.get(user_email)
        status = False
        if user:
+            # All tokens are 32 characters hex lowercase
+            if len(password) == 32:
                for token in user.tokens:
                    if (token.check_password(password) and
                        (not token.ip or token.ip == ip)):
                            status = True
-            if user.check_password(password):
+                            break
+            if not status and user.check_password(password):
                status = True
            if status:
                if protocol == "imap" and not user.enable_imap: