diff options
| author | Mark Felder <feld@FreeBSD.org> | 2020-08-05 10:07:31 -0500 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2020-08-05 10:07:31 -0500 |
| commit | 2192d1e4920e2c6deffe9a205cc2ade27d4dc0b1 (patch) | |
| tree | 363a47f8b2a42febddaad094b967c34c49dde130 | |
| parent | d5e4d8a6f3f7b577183809a4b371609aa29fa968 (diff) | |
| download | pleroma-2192d1e4920e2c6deffe9a205cc2ade27d4dc0b1.tar.gz | |
Permit LDAP users to register without capturing their password hash
We don't need it, and local auth fallback has been removed.
| -rw-r--r-- | lib/pleroma/user.ex | 19 | ||||
| -rw-r--r-- | lib/pleroma/web/auth/ldap_authenticator.ex | 7 |
2 files changed, 22 insertions, 4 deletions
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 09e606b37..df9f34baa 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -638,6 +638,25 @@ defmodule Pleroma.User do @spec force_password_reset(User.t()) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()} def force_password_reset(user), do: update_password_reset_pending(user, true) + # Used to auto-register LDAP accounts which don't have a password hash + def register_changeset(struct, params = %{password: password}) + when is_nil(password) do + params = Map.put_new(params, :accepts_chat_messages, true) + + struct + |> cast(params, [ + :name, + :nickname, + :accepts_chat_messages + ]) + |> unique_constraint(:nickname) + |> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames])) + |> validate_format(:nickname, local_nickname_regex()) + |> put_ap_id() + |> unique_constraint(:ap_id) + |> put_following_and_follower_address() + end + def register_changeset(struct, params \\ %{}, opts \\ []) do bio_limit = Config.get([:instance, :user_bio_length], 5000) name_limit = Config.get([:instance, :user_name_length], 100) diff --git a/lib/pleroma/web/auth/ldap_authenticator.ex b/lib/pleroma/web/auth/ldap_authenticator.ex index ec47f6f91..f667da68b 100644 --- a/lib/pleroma/web/auth/ldap_authenticator.ex +++ b/lib/pleroma/web/auth/ldap_authenticator.ex @@ -88,7 +88,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do user _ -> - register_user(connection, base, uid, name, password) + register_user(connection, base, uid, name) end error -> @@ -96,7 +96,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do end end - defp register_user(connection, base, uid, name, password) do + defp register_user(connection, base, uid, name) do case :eldap.search(connection, [ {:base, to_charlist(base)}, {:filter, :eldap.equalityMatch(to_charlist(uid), to_charlist(name))}, @@ -107,8 +107,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do params = %{ name: name, nickname: name, - password: password, - password_confirmation: password + password: nil } changeset = User.register_changeset(%User{}, params) |