Merge 0aeca78 into 53e1441

MasoniteFramework · Jan 9, 2019 · 48f7a47 · 48f7a47
2 parents 53e1441 + 0aeca78
commit 48f7a47
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 2 deletions.
diff --git a/masonite/auth/Auth.py b/masonite/auth/Auth.py
@@ -63,9 +63,23 @@ def login(self, name, password):
         """
         auth_column = self.auth_model.__auth__
         try:
-            model = self.auth_model.where(auth_column, name).first()
+            password_column = self.auth_model.password if hasattr(self.auth_model, 'password') else self.auth_model.__password__
+        except AttributeError as e:
+            raise AttributeError('Your model does not have a password column or a designated __password__ attribute. Set the __password__ attribute to the name of your password column.') from e
 
-            if model and bcrypt.checkpw(bytes(password, 'utf-8'), bytes(model.password, 'utf-8')):
+        try:
+            # Try to login multiple or statements if given an auth list
+            if isinstance(auth_column, list):
+                model = self.auth_model.where(auth_column[0], name)
+
+                for authentication_column in auth_column[1:]:
+                    model.or_where(authentication_column, name)
+
+                model = model.first()
+            else:
+                model = self.auth_model.where(auth_column, name).first()
+
+            if model and bcrypt.checkpw(bytes(password, 'utf-8'), bytes(password_column, 'utf-8')):
                 if not self._once:
                     remember_token = str(uuid.uuid4())
                     model.remember_token = remember_token

diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -18,11 +18,15 @@ class MockUser():
     __auth__ = 'email'
     password = '$2a$04$SXAMKoNuuiv7iO4g4U3ZOemyJJiKAHomUIFfGyH4hyo4LrLjcMqvS'
     email = 'user@email.com'
+    name = 'testuser123'
     id = 1
 
     def where(self, column, name):
         return self
 
+    def or_where(self, column, name):
+        return self
+
     def first(self):
         return self
 
@@ -62,6 +66,12 @@ def test_login_user(self):
         assert isinstance(self.auth.login('user@email.com', 'secret'), MockUser)
         assert self.request.get_cookie('token')
 
+    def test_login_user_with_list_auth_column(self):
+        user = MockUser
+        user.__auth__ = ['email', 'name']
+        assert isinstance(self.auth.login('testuser123', 'secret'), user)
+        assert self.request.get_cookie('token')
+
     def test_get_user(self):
         assert self.auth.login_by_id(1)
         assert isinstance(self.auth.user(), MockUser)