jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ldapserver: remove totp logic

Browse Source 
none of the apps send totptoken and it's dead code
This commit is contained in:
Girish Ramakrishnan
2024-01-22 14:06:24 +01:00
parent d7dda61775
commit 5b9700e099
1 changed files with 1 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/ldapserver.js
View File

@@ -53,10 +53,6 @@ async function userAuthInternal(appId, req, res, next) {
const commonName = req.dn.rdns[0].attrs[attributeName].value;
if (!commonName) return next(new ldap.NoSuchObjectError('Missing CN'));
// this code here is only for completeness. none of the apps send totptoken
const TOTPTOKEN_ATTRIBUTE_NAME = 'totptoken';
const totpToken = req.dn.rdns[0].attrs[TOTPTOKEN_ATTRIBUTE_NAME] ? req.dn.rdns[0].attrs[TOTPTOKEN_ATTRIBUTE_NAME].value : null;
let verifyFunc;
if (attributeName === 'mail') {
verifyFunc = users.verifyWithEmail;
@@ -68,7 +64,7 @@ async function userAuthInternal(appId, req, res, next) {
verifyFunc = users.verifyWithUsername;
}
const [error, user] = await safe(verifyFunc(commonName, req.credentials || '', appId || '', { skipTotpCheck: true, totpToken }));
const [error, user] = await safe(verifyFunc(commonName, req.credentials || '', appId || '', { skipTotpCheck: true }));
if (error && error.reason === BoxError.NOT_FOUND) return next(new ldap.NoSuchObjectError(error.message));
if (error && error.reason === BoxError.INVALID_CREDENTIALS) return next(new ldap.InvalidCredentialsError(error.message));
if (error) return next(new ldap.OperationsError(error.message));