From 4ff0f4857aefa1ed1c71c19150564221f8f02893 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 20 Mar 2014 14:34:12 -0500
Subject: [PATCH] oops: Fix client login

---
 include/class.auth.php       | 21 +++++----------------
 include/client/login.inc.php |  2 ++
 2 files changed, 7 insertions(+), 16 deletions(-)

diff --git a/include/class.auth.php b/include/class.auth.php
index ccf352b9d..d326ce685 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -805,35 +805,24 @@ class osTicketClientAuthentication extends UserAuthenticationBackend {
     static $id = "client";
 
     function authenticate($username, $password) {
-        if (!($user = self::_identify($authkey)))
+        if (!($acct = ClientAccount::lookupByUsername($username)))
             return;
 
-        if (($client = new ClientSession(new EndUser($user)))
+        if (($client = new ClientSession(new EndUser($acct->getUser())))
             && $client->getId()
-            && ($acct = $client->getAccount())
             && $acct->checkPassword($password)
         ) {
             return $client;
         }
     }
 
-    protected function validate($authkey) {
-        if (!($user = self::_identify($authkey)))
+    protected function validate($username) {
+        if (!($acct = ClientAccount::lookupByUsername($username)))
             return;
 
-        if (($client = new ClientSession(new EndUser($user))) && $client->getId())
+        if (($client = new ClientSession(new EndUser($acct->getUser()))) && $client->getId())
             return $client;
     }
-
-    protected function _identify($username) {
-        if (strpos($authkey, '@') !== false)
-            $user = User::lookup(array('emails__address'=>$authkey));
-        else
-            $user = User::lookup(array('account__username'=>$authkey));
-
-        return $user;
-    }
-
 }
 UserAuthenticationBackend::register('osTicketClientAuthentication');
 
diff --git a/include/client/login.inc.php b/include/client/login.inc.php
index 9ed334e95..9dc62eb57 100644
--- a/include/client/login.inc.php
+++ b/include/client/login.inc.php
@@ -7,6 +7,7 @@ $passwd=Format::input($_POST['lpasswd']?:$_GET['t']);
 <h1>Sign In</h1>
 <form action="login.php" method="post" id="clientLogin">
     <?php csrf_token(); ?>
+    <div style="width:50%;display:inline-block">
     <strong><?php echo Format::htmlchars($errors['login']); ?></strong>
     <br>
     <div>
@@ -20,6 +21,7 @@ $passwd=Format::input($_POST['lpasswd']?:$_GET['t']);
     <p>
         <input class="btn" type="submit" value="Sign In">
     </p>
+</div>
 </form>
 <br>
 <p>
-- 
GitLab