From 7419922040920e871f7c45d0b1a94e57d4888a04 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Fri, 29 Jan 2021 17:03:26 -0500 Subject: [PATCH] fix: improper override of req.body.username in login logic --- src/controllers/authentication.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js index ed25277fa9..53de38b08c 100644 --- a/src/controllers/authentication.js +++ b/src/controllers/authentication.js @@ -234,7 +234,10 @@ authenticationController.login = async (req, res, next) => { user.getUsernameByEmail(req.body.username, next); }, function (username, next) { - req.body.username = username || req.body.username; + if (username !== '[[global:guest]]') { + req.body.username = username; + } + (res.locals.continueLogin || continueLogin)(strategy, req, res, next); }, ], next);