abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
Browse Source

Fix resource_owner_from_credentials in Doorkeeper initializer (#12743) 

- Nil error when e-mail not found
- LDAP authentication used in place of PAM authentication
master^2
Eugen Rochko 4 years ago
committed by GitHub
parent
4729341903
commit
59c697a30c
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 9 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +4
    -9
      config/initializers/doorkeeper.rb

+ 4
- 9
config/initializers/doorkeeper.rb View File

@@ -8,20 +8,15 @@ Doorkeeper.configure do
end

resource_owner_from_credentials do |_routes|
if Devise.ldap_authentication
user = User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] })
end

if Devise.pam_authentication
user ||= User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] })
end
user = User.authenticate_with_ldap(email: request.params[:username], password: request.params[:password]) if Devise.ldap_authentication
user ||= User.authenticate_with_pam(email: request.params[:username], password: request.params[:password]) if Devise.pam_authentication

if user.nil?
user = User.find_by(email: request.params[:username])
user = nil unless user.valid_password?(request.params[:password])
user = nil unless user&.valid_password?(request.params[:password])
end

user if !user&.otp_required_for_login?
user unless user&.otp_required_for_login?
end

# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.


Write Preview
Loading…
Cancel
Save