fix a potential race condition for pre-login and ext auth

hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query
2025-12-07 23:00:55 +03:00 · 2021-01-05 09:50:22 +01:00
parent 72b2c83392
commit daac90c4e1
26 changed files with 167 additions and 163 deletions
--- a/httpd/httpd_test.go
+++ b/httpd/httpd_test.go
@@ -3430,7 +3430,7 @@ func TestRenderWebCloneUserMock(t *testing.T) {
 		assert.NoError(t, err)
 		user.FsConfig.CryptConfig.Passphrase.SetStatus(kms.SecretStatusAWS)
 		user.Password = defaultPassword
-		err = dataprovider.UpdateUser(user)
+		err = dataprovider.UpdateUser(&user)
 		assert.NoError(t, err)

 		req, err = http.NewRequest(http.MethodGet, webUserPath+fmt.Sprintf("?cloneFromId=%v", user.ID), nil)