haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-20 19:08:21 +00:00
Code Issues Releases Wiki Activity

USE_LDAP_SYNC_ONLY (#6977)

Browse Source
This commit is contained in:
欢乐马
2024-10-31 17:25:28 +08:00
committed by GitHub
parent 20fde74744
commit de830a6154
4 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
seahub/api2/serializers.py
View File

@@ -14,7 +14,7 @@ from seahub.two_factor.models import default_device
from seahub.two_factor.views.login import is_device_remembered from seahub.two_factor.views.login import is_device_remembered
from seahub.utils.two_factor_auth import has_two_factor_auth, \ from seahub.utils.two_factor_auth import has_two_factor_auth, \
two_factor_auth_enabled, verify_two_factor_token two_factor_auth_enabled, verify_two_factor_token
from seahub.settings import ENABLE_LDAP from seahub.settings import ENABLE_LDAP, USE_LDAP_SYNC_ONLY
from constance import config from constance import config
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -92,7 +92,7 @@ class AuthTokenSerializer(serializers.Serializer):
# convert login id or contact email to username if any # convert login id or contact email to username if any
user = authenticate(username=username, password=password) user = authenticate(username=username, password=password)
# After local user authentication process is completed, authenticate LDAP user # After local user authentication process is completed, authenticate LDAP user
if user is None and ENABLE_LDAP: if user is None and ENABLE_LDAP and not USE_LDAP_SYNC_ONLY:
user = authenticate(ldap_user=username, password=password) user = authenticate(ldap_user=username, password=password)
if user is None: if user is None:

2
seahub/auth/forms.py
View File

@@ -71,7 +71,7 @@ class AuthenticationForm(forms.Form):
username = Profile.objects.convert_login_str_to_username(username) username = Profile.objects.convert_login_str_to_username(username)
self.user_cache = authenticate(username=username, password=password) self.user_cache = authenticate(username=username, password=password)
# After local user authentication process is completed, authenticate LDAP user # After local user authentication process is completed, authenticate LDAP user
if self.user_cache is None and settings.ENABLE_LDAP: if self.user_cache is None and settings.ENABLE_LDAP and not settings.USE_LDAP_SYNC_ONLY:
self.user_cache = authenticate(ldap_user=username, password=password) self.user_cache = authenticate(ldap_user=username, password=password)
if self.user_cache is None: if self.user_cache is None:

1
seahub/settings.py
View File

@@ -335,6 +335,7 @@ LDAP_USER_ROLE_ATTR = ''
ACTIVATE_USER_WHEN_IMPORT = True ACTIVATE_USER_WHEN_IMPORT = True
SSO_LDAP_USE_SAME_UID = False SSO_LDAP_USE_SAME_UID = False
USE_LDAP_SYNC_ONLY = False
# enable ldap sasl auth # enable ldap sasl auth
ENABLE_SASL = False ENABLE_SASL = False

2
seahub/views/sysadmin.py
View File

@@ -816,7 +816,7 @@ def sys_sudo_mode(request):
if password: if password:
user = authenticate(username=username, password=password) user = authenticate(username=username, password=password)
# After local user authentication process is completed, authenticate LDAP user # After local user authentication process is completed, authenticate LDAP user
if user is None and settings.ENABLE_LDAP: if user is None and settings.ENABLE_LDAP and not settings.USE_LDAP_SYNC_ONLY:
user = authenticate(ldap_user=username, password=password) user = authenticate(ldap_user=username, password=password)
if user: if user:
update_sudo_mode_ts(request) update_sudo_mode_ts(request)