From 16034bb61332196a40c01be8bb3fd2d0b48198cf Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Fri, 7 May 2021 16:15:16 +0200 Subject: [PATCH] OAuth2 login: Set account link to "login" as default behavior (#15768) --- custom/conf/app.example.ini | 2 +- docs/content/doc/advanced/config-cheat-sheet.en-us.md | 2 +- modules/setting/oauth2_client.go | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index e8b02bdae..3876396a3 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -641,7 +641,7 @@ UPDATE_AVATAR = false ; disabled = show an error ; login = show an account linking login ; auto = link directly with the account -ACCOUNT_LINKING = disabled +ACCOUNT_LINKING = login [service] ; Time limit to confirm account/email registration diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index c620614ca..0a2647768 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -440,7 +440,7 @@ relation to port exhaustion. - nickname - use the nickname attribute - email - use the username part of the email attribute - `UPDATE_AVATAR`: **false**: Update avatar if available from oauth2 provider. Update will be performed on each login. -- `ACCOUNT_LINKING`: **disabled**: How to handle if an account / email already exists: +- `ACCOUNT_LINKING`: **login**: How to handle if an account / email already exists: - disabled - show an error - login - show an account linking login - auto - automatically link with the account (Please be aware that this will grant access to an existing account just because the same username or email is provided. You must make sure that this does not cause issues with your authentication providers.) diff --git a/modules/setting/oauth2_client.go b/modules/setting/oauth2_client.go index a336563c9..6cfd99156 100644 --- a/modules/setting/oauth2_client.go +++ b/modules/setting/oauth2_client.go @@ -71,10 +71,10 @@ func newOAuth2Client() { OAuth2Client.Username = OAuth2UsernameNickname } OAuth2Client.UpdateAvatar = sec.Key("UPDATE_AVATAR").MustBool() - OAuth2Client.AccountLinking = OAuth2AccountLinkingType(sec.Key("ACCOUNT_LINKING").MustString(string(OAuth2AccountLinkingDisabled))) + OAuth2Client.AccountLinking = OAuth2AccountLinkingType(sec.Key("ACCOUNT_LINKING").MustString(string(OAuth2AccountLinkingLogin))) if !OAuth2Client.AccountLinking.isValid() { - log.Warn("Account linking setting is not valid: '%s', will fallback to '%s'", OAuth2Client.AccountLinking, OAuth2AccountLinkingDisabled) - OAuth2Client.AccountLinking = OAuth2AccountLinkingDisabled + log.Warn("Account linking setting is not valid: '%s', will fallback to '%s'", OAuth2Client.AccountLinking, OAuth2AccountLinkingLogin) + OAuth2Client.AccountLinking = OAuth2AccountLinkingLogin } }