Permit LDAP users to register without capturing their password hash
We don't need it, and local auth fallback has been removed.
This commit is contained in:
parent
d5e4d8a6f3
commit
2192d1e492
2 changed files with 22 additions and 4 deletions
|
@ -638,6 +638,25 @@ def force_password_reset_async(user) do
|
||||||
@spec force_password_reset(User.t()) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
|
@spec force_password_reset(User.t()) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
|
||||||
def force_password_reset(user), do: update_password_reset_pending(user, true)
|
def force_password_reset(user), do: update_password_reset_pending(user, true)
|
||||||
|
|
||||||
|
# Used to auto-register LDAP accounts which don't have a password hash
|
||||||
|
def register_changeset(struct, params = %{password: password})
|
||||||
|
when is_nil(password) do
|
||||||
|
params = Map.put_new(params, :accepts_chat_messages, true)
|
||||||
|
|
||||||
|
struct
|
||||||
|
|> cast(params, [
|
||||||
|
:name,
|
||||||
|
:nickname,
|
||||||
|
:accepts_chat_messages
|
||||||
|
])
|
||||||
|
|> unique_constraint(:nickname)
|
||||||
|
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
||||||
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|
|> put_ap_id()
|
||||||
|
|> unique_constraint(:ap_id)
|
||||||
|
|> put_following_and_follower_address()
|
||||||
|
end
|
||||||
|
|
||||||
def register_changeset(struct, params \\ %{}, opts \\ []) do
|
def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||||
bio_limit = Config.get([:instance, :user_bio_length], 5000)
|
bio_limit = Config.get([:instance, :user_bio_length], 5000)
|
||||||
name_limit = Config.get([:instance, :user_name_length], 100)
|
name_limit = Config.get([:instance, :user_name_length], 100)
|
||||||
|
|
|
@ -88,7 +88,7 @@ defp bind_user(connection, ldap, name, password) do
|
||||||
user
|
user
|
||||||
|
|
||||||
_ ->
|
_ ->
|
||||||
register_user(connection, base, uid, name, password)
|
register_user(connection, base, uid, name)
|
||||||
end
|
end
|
||||||
|
|
||||||
error ->
|
error ->
|
||||||
|
@ -96,7 +96,7 @@ defp bind_user(connection, ldap, name, password) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp register_user(connection, base, uid, name, password) do
|
defp register_user(connection, base, uid, name) do
|
||||||
case :eldap.search(connection, [
|
case :eldap.search(connection, [
|
||||||
{:base, to_charlist(base)},
|
{:base, to_charlist(base)},
|
||||||
{:filter, :eldap.equalityMatch(to_charlist(uid), to_charlist(name))},
|
{:filter, :eldap.equalityMatch(to_charlist(uid), to_charlist(name))},
|
||||||
|
@ -107,8 +107,7 @@ defp register_user(connection, base, uid, name, password) do
|
||||||
params = %{
|
params = %{
|
||||||
name: name,
|
name: name,
|
||||||
nickname: name,
|
nickname: name,
|
||||||
password: password,
|
password: nil
|
||||||
password_confirmation: password
|
|
||||||
}
|
}
|
||||||
|
|
||||||
changeset = User.register_changeset(%User{}, params)
|
changeset = User.register_changeset(%User{}, params)
|
||||||
|
|
Loading…
Reference in a new issue