fix: web login authorize delay

models/login_source.go

@@ -829,9 +829,6 @@ func UserSignIn(username, password string) (*User, error) {
 	}
 
 	if hasUser {
-		if !user.IsAdmin {
-			return nil, ErrUserNodAdmin{user.ID, user.Name}
-		}
 		switch user.LoginType {
 		case LoginNoType, LoginPlain, LoginOAuth2:
 			if user.IsPasswordSet() && user.ValidatePassword(password) {

routers/web/user/auth.go

@@ -174,6 +174,20 @@ func SignInPost(ctx *context.Context) {
 	}
 
 	form := web.GetForm(ctx).(*forms.SignInForm)
+	if user, err := models.GetUserByName(form.UserName); models.IsErrUserNotExist(err) {
+		ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), tplSignIn, &form)
+		log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err)
+		return
+	} else {
+		// If this user not is administrator
+		// Instead, tip error
+		if !user.IsAdmin {
+			ctx.RenderWithErr(ctx.Tr("form.User is not an administrator"), tplSignIn, &form)
+			log.Info("Failed authentiation attempt for %s from %s ", form.UserName, ctx.RemoteAddr())
+			return
+		}
+	}
+
 	u, err := models.UserSignIn(form.UserName, form.Password)
 	if err != nil {
 		if models.IsErrUserNotExist(err) {
@@ -195,10 +209,6 @@ func SignInPost(ctx *context.Context) {
 				ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
 				ctx.HTML(http.StatusOK, "user/auth/prohibit_login")
 			}
-		} else if models.IsErrUserNotAdmin(err) {
-			ctx.RenderWithErr(ctx.Tr("form.User is not an administrator"), tplSignIn, &form)
-			log.Info("Failed authentiation attempt for %s from %s ", form.UserName, ctx.RemoteAddr())
-
 		} else {
 			ctx.ServerError("UserSignIn", err)
 		}