From db7e13f040d96cf7c19bf08d779d119674d427c3 Mon Sep 17 00:00:00 2001
From: yystopf
Date: Wed, 22 Dec 2021 15:47:00 +0800
Subject: [PATCH] fix: web login authorize delay
---
 models/login_source.go | 3 ---
 routers/web/user/auth.go | 18 ++++++++++++++----
 2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/models/login_source.go b/models/login_source.go
index cef944ebf..589774326 100644
--- a/models/login_source.go
+++ b/models/login_source.go
@@ -829,9 +829,6 @@ func UserSignIn(username, password string) (*User, error) {
 }
 if hasUser {
- if !user.IsAdmin {
- return nil, ErrUserNodAdmin{user.ID, user.Name}
- }
 switch user.LoginType {
 case LoginNoType, LoginPlain, LoginOAuth2:
 if user.IsPasswordSet() && user.ValidatePassword(password) {
diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go
index 48057d414..ade2e475d 100644
--- a/routers/web/user/auth.go
+++ b/routers/web/user/auth.go
@@ -174,6 +174,20 @@ func SignInPost(ctx *context.Context) {
 }
 form := web.GetForm(ctx).(*forms.SignInForm)
+ if user, err := models.GetUserByName(form.UserName); models.IsErrUserNotExist(err) {
+ ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), tplSignIn, &form)
+ log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err)
+ return
+ } else {
+ // If this user not is administrator
+ // Instead, tip error
+ if !user.IsAdmin {
+ ctx.RenderWithErr(ctx.Tr("form.User is not an administrator"), tplSignIn, &form)
+ log.Info("Failed authentiation attempt for %s from %s ", form.UserName, ctx.RemoteAddr())
+ return
+ }
+ }
+
 u, err := models.UserSignIn(form.UserName, form.Password)
 if err != nil {
 if models.IsErrUserNotExist(err) {
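Review bot: The added pre-check in SignInPost dereferences `user` in its `else` branch whenever `GetUserByName` fails with anything other than a not-exist error, so a lookup failure there turns into a nil-pointer panic instead of reaching `ctx.ServerError`. The same block answers before the password is verified and uses a distinct "not an administrator" message, which lets an unauthenticated client tell existing non-admin accounts from unknown names. Returning the generic `form.username_password_incorrect` message for both cases closes that, although skipping the password check for those accounts may still be visible as a response-time difference. Since the commit also drops the `IsAdmin` check from `UserSignIn` in models/login_source.go, any other caller of `UserSignIn` (none are visible here) no longer enforces it and should be checked. SignInPost continues outside the hunk; the fence rewrites only the added block.

```go
form := web.GetForm(ctx).(*forms.SignInForm)
user, err := models.GetUserByName(form.UserName)
if err != nil && !models.IsErrUserNotExist(err) {
	// A lookup failure is a server error, not a failed login.
	ctx.ServerError("GetUserByName", err)
	return
}
if err != nil || !user.IsAdmin {
	// One response for unknown and non-admin accounts, so the form does not reveal which names exist.
	ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), tplSignIn, &form)
	log.Info("Failed authentication attempt for %s from %s: unknown user or not an administrator", form.UserName, ctx.RemoteAddr())
	return
}
// … unchanged: models.UserSignIn call and its error handling …
```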
@@ -195,10 +209,6 @@ func SignInPost(ctx *context.Context) {
 ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
 ctx.HTML(http.StatusOK, "user/auth/prohibit_login")
 }
- } else if models.IsErrUserNotAdmin(err) {
- ctx.RenderWithErr(ctx.Tr("form.User is not an administrator"), tplSignIn, &form)
- log.Info("Failed authentiation attempt for %s from %s ", form.UserName, ctx.RemoteAddr())
-
 } else {
 ctx.ServerError("UserSignIn", err)
 }