add ldap support | simplify authentications

guillaume 2018-10-09 14:14:39 +02:00
parent 5b8c642d8f
commit 3b4f285fea
15 changed files with 493 additions and 49 deletions


@ -127,10 +127,10 @@ Users.attachSchema(new SimpleSchema({
type: Boolean,
optional: true,
},
// TODO : write a migration and check if using a ldap parameter is better than a connection_type parameter
ldap: {
type: Boolean,
optional: true,
'authenticationMethod': {
type: String,
optional: false,
defaultValue: 'password',
},
}));
@ -499,6 +499,7 @@ if (Meteor.isServer) {
user.emails = [{ address: email, verified: true }];
const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase();
user.profile = { initials, fullname: user.services.oidc.fullname };
user['authenticationMethod'] = 'oauth2';
// see if any existing user has this email address or username, otherwise create new
const existingUser = Meteor.users.findOne({$or: [{'emails.address': email}, {'username':user.username}]});
@ -511,6 +512,7 @@ if (Meteor.isServer) {
existingUser.emails = user.emails;
existingUser.username = user.username;
existingUser.profile = user.profile;
existingUser['authenticationMethod'] = user['authenticationMethod'];
Meteor.users.remove({_id: existingUser._id}); // remove existing record
return existingUser;
@ -525,7 +527,7 @@ if (Meteor.isServer) {
// If ldap, bypass the inviation code if the self registration isn't allowed.
// TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type
if (options.ldap || !disableRegistration) {
user.ldap = true;
user['authenticationMethod'] = 'ldap';
return user;
}
@ -645,7 +647,7 @@ if (Meteor.isServer) {
const disableRegistration = Settings.findOne().disableRegistration;
// If ldap, bypass the inviation code if the self registration isn't allowed.
// TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type
if (!doc.ldap && disableRegistration) {
if (doc['authenticationMethod'] !== 'ldap' && disableRegistration) {
const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true});
if (!invitationCode) {
throw new Meteor.Error('error-invitation-code-not-exist');
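Review bot: In the `if (options.ldap || !disableRegistration)` branch, the new line `user['authenticationMethod'] = 'ldap';` also runs for ordinary sign-ups whenever self-registration is enabled, so password accounts are recorded as LDAP accounts. The later check `doc['authenticationMethod'] !== 'ldap' && disableRegistration` uses that value to skip the invitation code, so the label should reflect how the account was really created, e.g. `user.authenticationMethod = options.ldap ? 'ldap' : 'password';`. Where `options.ldap` comes from is not visible here; if the account-creation options can be supplied by the caller rather than set only by the server-side LDAP login handler, the flag should not be trusted for the invitation bypass. The two TODO comments still refer to the removed `ldap` field, and the enclosing functions start and end outside the hunks shown.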