Add SkipLocal2FA option to pam and smtp sources (#17078)
* Add SkipLocal2FA option to other pam and smtp sources Extend #16954 to allow setting skip local 2fa on pam and SMTP authentication sources Signed-off-by: Andrew Thornton <art27@cantab.net> * make SkipLocal2FA omitempty Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
This commit is contained in:
parent
74542ad35b
commit
7e98cd58dd
10 changed files with 48 additions and 6 deletions
|
@ -161,6 +161,7 @@ func parseSMTPConfig(form forms.AuthenticationForm) *smtp.Source {
|
|||
SkipVerify: form.SkipVerify,
|
||||
HeloHostname: form.HeloHostname,
|
||||
DisableHelo: form.DisableHelo,
|
||||
SkipLocalTwoFA: form.SkipLocalTwoFA,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -244,8 +245,9 @@ func NewAuthSourcePost(ctx *context.Context) {
|
|||
hasTLS = true
|
||||
case login.PAM:
|
||||
config = &pamService.Source{
|
||||
ServiceName: form.PAMServiceName,
|
||||
EmailDomain: form.PAMEmailDomain,
|
||||
ServiceName: form.PAMServiceName,
|
||||
EmailDomain: form.PAMEmailDomain,
|
||||
SkipLocalTwoFA: form.SkipLocalTwoFA,
|
||||
}
|
||||
case login.OAuth2:
|
||||
config = parseOAuth2Config(form)
|
||||
|
|
|
@ -53,7 +53,7 @@ type Source struct {
|
|||
GroupFilter string // Group Name Filter
|
||||
GroupMemberUID string // Group Attribute containing array of UserUID
|
||||
UserUID string // User Attribute listed in Group
|
||||
SkipLocalTwoFA bool // Skip Local 2fa for users authenticated with this source
|
||||
SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
|
|
|
@ -25,7 +25,7 @@ type Source struct {
|
|||
OpenIDConnectAutoDiscoveryURL string
|
||||
CustomURLMapping *CustomURLMapping
|
||||
IconURL string
|
||||
SkipLocalTwoFA bool
|
||||
SkipLocalTwoFA bool `json:",omitempty"`
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
|
|
|
@ -19,8 +19,9 @@ import (
|
|||
|
||||
// Source holds configuration for the PAM login source.
|
||||
type Source struct {
|
||||
ServiceName string // pam service (e.g. system-auth)
|
||||
EmailDomain string
|
||||
ServiceName string // pam service (e.g. system-auth)
|
||||
EmailDomain string
|
||||
SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
|
|
|
@ -69,3 +69,8 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
|||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
|
||||
func (source *Source) IsSkipLocalTwoFA() bool {
|
||||
return source.SkipLocalTwoFA
|
||||
}
|
||||
|
|
|
@ -27,6 +27,7 @@ type Source struct {
|
|||
SkipVerify bool
|
||||
HeloHostname string
|
||||
DisableHelo bool
|
||||
SkipLocalTwoFA bool `json:",omitempty"`
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
|
|
|
@ -85,3 +85,8 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
|||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
|
||||
func (source *Source) IsSkipLocalTwoFA() bool {
|
||||
return source.SkipLocalTwoFA
|
||||
}
|
||||
|
|
|
@ -215,6 +215,13 @@
|
|||
<input id="allowed_domains" name="allowed_domains" value="{{$cfg.AllowedDomains}}">
|
||||
<p class="help">{{.i18n.Tr "admin.auths.allowed_domains_helper"}}</p>
|
||||
</div>
|
||||
<div class="optional field">
|
||||
<div class="ui checkbox">
|
||||
<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
|
||||
<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
|
||||
<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
<!-- PAM -->
|
||||
|
@ -228,6 +235,13 @@
|
|||
<label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
|
||||
<input id="pam_email_domain" name="pam_email_domain" value="{{$cfg.EmailDomain}}">
|
||||
</div>
|
||||
<div class="optional field">
|
||||
<div class="ui checkbox">
|
||||
<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
|
||||
<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
|
||||
<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
<!-- OAuth2 -->
|
||||
|
|
|
@ -41,6 +41,13 @@
|
|||
<label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
|
||||
<input id="pam_email_domain" name="pam_email_domain" value="{{.pam_email_domain}}">
|
||||
</div>
|
||||
<div class="pam optional field {{if not (eq .type 4)}}hide{{end}}">
|
||||
<div class="ui checkbox">
|
||||
<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
|
||||
<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if .skip_local_two_fa}}checked{{end}}>
|
||||
<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- OAuth2 -->
|
||||
{{ template "admin/auth/source/oauth" . }}
|
||||
|
|
|
@ -49,4 +49,11 @@
|
|||
<input id="allowed_domains" name="allowed_domains" value="{{.allowed_domains}}">
|
||||
<p class="help">{{.i18n.Tr "admin.auths.allowed_domains_helper"}}</p>
|
||||
</div>
|
||||
<div class="optional field">
|
||||
<div class="ui checkbox">
|
||||
<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
|
||||
<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if .skip_local_two_fa}}checked{{end}}>
|
||||
<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Reference in a new issue