Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-12-24 11:10:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Closes #1024. Do not create user with ldap auth if wrong password

Browse source
This commit is contained in:
rverchere 2010-04-16 04:23:14 +08:00 committed by Eric Allen
parent b9f1f57740
commit c769b2a7eb
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
app/controllers/users_controller.rb
View file

@ -71,9 +71,17 @@ class UsersController < ApplicationController
render :action => "nosignup", :layout => "login"
return
end
user = User.new(params['user'])
if Tracks::Config.auth_schemes.include?('ldap') &&
user.auth_type == 'ldap' &&
!SimpleLdapAuthenticator.valid?(user.login, params['user']['password'])
notify :warning, "Incorrect password"
redirect_to :action => 'new'
return
end
if Tracks::Config.auth_schemes.include?('cas')
if user.auth_type.eql? "cas"
user.crypted_password = "cas"