fix ldap sync for disabled users, check if admin username is an email address, rename username to email
parent
5bc3aa0036
commit
e1c7a43496
|
@ -20,9 +20,8 @@
|
|||
<div class="card-body">
|
||||
<form class="form-signin" method="post">
|
||||
<div class="form-group">
|
||||
<label for="inputUsername">Username</label>
|
||||
<input type="text" name="username" class="form-control" id="inputUsername" aria-describedby="usernameHelp" placeholder="Enter username">
|
||||
<small id="usernameHelp" class="form-text text-muted">Please enter your LDAP username, not the email address.</small>
|
||||
<label for="inputUsername">Email</label>
|
||||
<input type="text" name="username" class="form-control" id="inputUsername" aria-describedby="usernameHelp" placeholder="Enter email">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="inputPassword">Password</label>
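Review bot: The email input keeps `aria-describedby="usernameHelp"`, but the `<small id="usernameHelp">` hint appears to be removed by this change (the hunk shrinks from 9 to 8 lines), so the attribute now points at an element that no longer exists. Either drop the attribute or keep a short hint under the same id. If every login identifier is now an email address, `type="email"` with `autocomplete="username"` would give browsers and password managers the right cue. The posted field name `username` can stay, so the handler is unaffected.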
|
||||
|
|
|
@ -3,6 +3,7 @@ package password
|
|||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"regexp"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
|
@ -14,6 +15,8 @@ import (
|
|||
"gorm.io/gorm"
|
||||
)
|
||||
|
||||
var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
||||
|
||||
// Provider implements a password login method for a database backend.
|
||||
type Provider struct {
|
||||
db *gorm.DB
|
||||
|
@ -104,6 +107,10 @@ func (provider Provider) GetUserModel(ctx *authentication.AuthContext) (*authent
|
|||
}
|
||||
|
||||
func (provider Provider) InitializeAdmin(email, password string) error {
|
||||
if !emailRegex.MatchString(email) {
|
||||
return errors.New("admin username must be an email address")
|
||||
}
|
||||
|
||||
admin := users.User{}
|
||||
provider.db.Unscoped().Where("email = ?", email).FirstOrInit(&admin)
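Review bot: The lookup directly after the new check, `provider.db.Unscoped().Where("email = ?", email).FirstOrInit(&admin)`, discards gorm's result, so a database error leaves `admin` zero-valued and the rest of InitializeAdmin (outside this hunk) would presumably treat that like a missing admin. Check it, for example `if err := provider.db.Unscoped().Where("email = ?", email).FirstOrInit(&admin).Error; err != nil { return err }`. The address is also validated and queried verbatim; if the login path lower-cases its input, doing the same here would avoid a second admin row or an admin that cannot sign in, though that depends on code not shown. `emailRegex` deserves a comment such as `// emailRegex follows the HTML5 input[type=email] pattern; it checks syntax only, not deliverability.`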
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ type Config struct {
|
|||
Title string `yaml:"title" envconfig:"WEBSITE_TITLE"`
|
||||
CompanyName string `yaml:"company" envconfig:"COMPANY_NAME"`
|
||||
MailFrom string `yaml:"mailFrom" envconfig:"MAIL_FROM"`
|
||||
AdminUser string `yaml:"adminUser" envconfig:"ADMIN_USER"`
|
||||
AdminUser string `yaml:"adminUser" envconfig:"ADMIN_USER"` // must be an email address
|
||||
AdminPassword string `yaml:"adminPass" envconfig:"ADMIN_PASS"`
|
||||
EditableKeys bool `yaml:"editableKeys" envconfig:"EDITABLE_KEYS"`
|
||||
CreateDefaultPeer bool `yaml:"createDefaultPeer" envconfig:"CREATE_DEFAULT_PEER"`
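Review bot: The email requirement on `AdminUser` is stated only in a trailing comment, while the yaml key `adminUser` and the env var `ADMIN_USER` keep their old names, so an existing deployment configured with a plain username gets no hint until InitializeAdmin rejects it. Say where the rule is enforced, e.g. `// must be an email address; InitializeAdmin returns an error otherwise`, and mention the change in the upgrade notes. The Config struct continues outside this hunk.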
|
||||
|
|
|
@ -93,16 +93,16 @@ func (s *Server) SyncLdapWithUserDatabase() {
|
|||
}
|
||||
}
|
||||
|
||||
if err = s.users.UpdateUser(user); err != nil {
|
||||
logrus.Errorf("failed to update ldap user %s in database: %v", user.Email, err)
|
||||
continue
|
||||
}
|
||||
|
||||
if ldapDeactivated {
|
||||
if err = s.users.DeleteUser(user); err != nil {
|
||||
logrus.Errorf("failed to delete deactivated user %s in database: %v", user.Email, err)
|
||||
continue
|
||||
}
|
||||
} else {
|
||||
if err = s.users.UpdateUser(user); err != nil {
|
||||
logrus.Errorf("failed to update ldap user %s in database: %v", user.Email, err)
|
||||
continue
|
||||
}
|
||||
}
|
||||
}
|
||||
}
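Review bot: A failed `DeleteUser` in the `ldapDeactivated` branch is only logged and skipped with `continue`, so an account disabled in LDAP remains in the local database until a later sync succeeds, and nothing but the error log line surfaces that. The hunk also does not show whether `DeleteUser` revokes what hangs off the account (sessions, peers); if it is a soft delete, confirm the login path refuses such rows. A comment on the branch would record the intent, e.g. `// disabled in LDAP: remove local access instead of updating; retried on the next sync if this fails`. SyncLdapWithUserDatabase starts outside this hunk, so how `ldapDeactivated` is derived could not be checked here.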
|
||||
|
|