oauth: fix password-based login when username is email address

closes #199
This commit is contained in:
William Pitcock 2018-06-14 02:29:52 +00:00
parent ea42ba603f
commit 5442466569

View file

@ -84,7 +84,7 @@ def token_exchange(
%{"grant_type" => "password", "name" => name, "password" => password} = params %{"grant_type" => "password", "name" => name, "password" => password} = params
) do ) do
with %App{} = app <- get_app_from_request(conn, params), with %App{} = app <- get_app_from_request(conn, params),
%User{} = user <- User.get_cached_by_nickname(name), %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash), true <- Pbkdf2.checkpw(password, user.password_hash),
{:ok, auth} <- Authorization.create_authorization(app, user), {:ok, auth} <- Authorization.create_authorization(app, user),
{:ok, token} <- Token.exchange_token(app, auth) do {:ok, token} <- Token.exchange_token(app, auth) do