Permit LDAP users to register without capturing their password hash
We don't need it, and local auth fallback has been removed.
This commit is contained in:
parent
d5e4d8a6f3
commit
2192d1e492
2 changed files with 22 additions and 4 deletions
|
@ -638,6 +638,25 @@ def force_password_reset_async(user) do
|
|||
@spec force_password_reset(User.t()) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
|
||||
def force_password_reset(user), do: update_password_reset_pending(user, true)
|
||||
|
||||
# Used to auto-register LDAP accounts which don't have a password hash
|
||||
def register_changeset(struct, params = %{password: password})
|
||||
when is_nil(password) do
|
||||
params = Map.put_new(params, :accepts_chat_messages, true)
|
||||
|
||||
struct
|
||||
|> cast(params, [
|
||||
:name,
|
||||
:nickname,
|
||||
:accepts_chat_messages
|
||||
])
|
||||
|> unique_constraint(:nickname)
|
||||
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
||||
|> validate_format(:nickname, local_nickname_regex())
|
||||
|> put_ap_id()
|
||||
|> unique_constraint(:ap_id)
|
||||
|> put_following_and_follower_address()
|
||||
end
|
||||
|
||||
def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||
bio_limit = Config.get([:instance, :user_bio_length], 5000)
|
||||
name_limit = Config.get([:instance, :user_name_length], 100)
|
||||
|
|
|
@ -88,7 +88,7 @@ defp bind_user(connection, ldap, name, password) do
|
|||
user
|
||||
|
||||
_ ->
|
||||
register_user(connection, base, uid, name, password)
|
||||
register_user(connection, base, uid, name)
|
||||
end
|
||||
|
||||
error ->
|
||||
|
@ -96,7 +96,7 @@ defp bind_user(connection, ldap, name, password) do
|
|||
end
|
||||
end
|
||||
|
||||
defp register_user(connection, base, uid, name, password) do
|
||||
defp register_user(connection, base, uid, name) do
|
||||
case :eldap.search(connection, [
|
||||
{:base, to_charlist(base)},
|
||||
{:filter, :eldap.equalityMatch(to_charlist(uid), to_charlist(name))},
|
||||
|
@ -107,8 +107,7 @@ defp register_user(connection, base, uid, name, password) do
|
|||
params = %{
|
||||
name: name,
|
||||
nickname: name,
|
||||
password: password,
|
||||
password_confirmation: password
|
||||
password: nil
|
||||
}
|
||||
|
||||
changeset = User.register_changeset(%User{}, params)
|
||||
|
|
Loading…
Reference in a new issue