if username in UPN format for login try searching both user and full UPN string

models/user.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"log"
 	"smt/utils/token"
+	"strings"
 	"time"
 
 	"golang.org/x/crypto/bcrypt"
@@ -123,18 +124,32 @@ func LoginCheck(username string, password string) (string, error) {
 
 	// Query database for matching user object
 	// Use IFNULL to handle situation where a user might not be a member of a group
+	// Join on groups table so we can get the value in LdapGroup column
 
-	// TODO join on groups table so we can get the value in LdapGroup column
-
-	err = db.QueryRowx(`
+	// if username is UPN format then get just the user portion
+	if strings.Contains(username, "@") {
+		plainUser := GetUserFromUPN(username)
+		// check for original username or plainUser
+		err = db.QueryRowx(`
+		SELECT users.UserId,  IFNULL(users.GroupId, 0) GroupId, UserName, Password, LdapUser, users.Admin, groups.LdapGroup FROM Users 
+		INNER JOIN groups ON users.GroupId = groups.GroupId
+		WHERE Username=? OR Username=?`, username, plainUser).StructScan(&u)
+	} else {
+		err = db.QueryRowx(`
 		SELECT users.UserId,  IFNULL(users.GroupId, 0) GroupId, UserName, Password, LdapUser, users.Admin, groups.LdapGroup FROM Users 
 		INNER JOIN groups ON users.GroupId = groups.GroupId
 		WHERE Username=?`, username).StructScan(&u)
+	}
 
 	if err != nil {
 		if err == sql.ErrNoRows {
+			log.Printf("LoginCheck found no users matching username '%s'\n", username)
+
+			// TODO - if username contains UPN style login then try extracting just the username and doing a query on that
+
 			// check LDAP if enabled
 			if LdapEnabled {
+				log.Printf("LoginCheck initiating ldap lookup for username '%s'\n", username)
 				ldapUser, err := UserLdapNewLoginCheck(username, password)
 				if err != nil {
 					errString := fmt.Sprintf("LoginCheck error checking LDAP for user : '%s'\n", err)