fix: closes #13024, on register dont auto login with user doesn't have local:login privilege

on login page show login form if at least one user group has local:login privilege, for example local:login might be removed from registered-users but verified-users can have login privilege so login form should be still visible

src/controllers/authentication.js

@@ -49,7 +49,10 @@ async function registerAndLoginUser(req, res, userData) {
 
 	const uid = await user.create(userData);
 	if (res.locals.processLogin) {
-		await authenticationController.doLogin(req, uid);
+		const hasLoginPrivilege = await privileges.global.can('local:login', uid);
+		if (hasLoginPrivilege) {
+			await authenticationController.doLogin(req, uid);
+		}
 	}
 
 	// Distinguish registrations through invites from direct ones

src/controllers/index.js

@@ -7,6 +7,7 @@ const meta = require('../meta');
 const user = require('../user');
 const plugins = require('../plugins');
 const privileges = require('../privileges');
+const privilegesHelpers = require('../privileges/helpers');
 const helpers = require('./helpers');
 
 const Controllers = module.exports;
@@ -124,7 +125,8 @@ Controllers.login = async function (req, res) {
 	data.title = '[[pages:login]]';
 	data.allowPasswordReset = !meta.config['password:disableEdit'];
 
-	const hasLoginPrivilege = await privileges.global.canGroup('local:login', 'registered-users');
+	const loginPrivileges =  await privilegesHelpers.getGroupPrivileges(0, ['groups:local:login']);
+	const hasLoginPrivilege = !!loginPrivileges.find(privilege => privilege.privileges['groups:local:login']);
 	data.allowLocalLogin = hasLoginPrivilege || parseInt(req.query.local, 10) === 1;
 
 	if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {