Trim the login name

Otherwise we keep on using it with leading or trailing whitespaces for
app tokens and other logic. The reason this doesn't throw an error
immediately with local users is that (My)SQL compares strings regardless
of their padding by default. So we look up 'uid ' and get the row for
the user 'uid'.
Other back-ends will lead to a hard error, though, and the user is
unable to log out as all request fail.

Ref https://stackoverflow.com/a/10495807/2239067

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
Christoph Wurst 2019-11-27 14:54:45 +01:00 committed by Roeland Jago Douma
parent 29bdaf735b
commit 81e35d0c8a
No known key found for this signature in database
GPG key ID: F941078878347C0C

View file

@ -289,7 +289,7 @@ class LoginController extends Controller {
$data = new LoginData(
$this->request,
$user,
trim($user),
$password,
$redirect_url,
$timezone,