jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

mandatory2fa: fix workflow when using external LDAP

Browse Source 
* Always allow the mandatory 2fa setting to be saved
* Show warning for user if they have no 2fa setup and if not external 2fa
* If they get locked out anyway, they have to use CLI tool
* redirect for mandatory 2fa only if not external 2fa as well
This commit is contained in:
Girish Ramakrishnan
2024-05-25 12:54:40 +02:00
parent 077f95049e
commit d34b102e52
8 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/test/common.js
+2 -2
View File
@@ -94,7 +94,7 @@ async function setup() {
expect(response.status).to.equal(201);
admin.id = response.body.id;
// HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
const token1 = await tokens.add({ identifier: admin.id, clientId: 'test-client-id', expires: Date.now() + (60 * 60 * 1000), name: 'fromtest' });
const token1 = await tokens.add({ identifier: admin.id, clientId: tokens.ID_WEBADMIN, expires: Date.now() + (60 * 60 * 1000), name: 'fromtest' });
admin.token = token1.accessToken;
// create user
@@ -104,7 +104,7 @@ async function setup() {
expect(response.status).to.equal(201);
user.id = response.body.id;
// HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
const token2 = await tokens.add({ identifier: user.id, clientId: 'test-client-id', expires: Date.now() + (60 * 60 * 1000), name: 'fromtest' });
const token2 = await tokens.add({ identifier: user.id, clientId: tokens.ID_WEBADMIN, expires: Date.now() + (60 * 60 * 1000), name: 'fromtest' });
user.token = token2.accessToken;
await settings._set(settings.APPSTORE_API_TOKEN_KEY, exports.appstoreToken); // appstore token
src/routes/test/user-directory-test.js
+7 -1
View File
@@ -74,7 +74,13 @@ describe('User Directory API', function () {
.query({ access_token: owner.token })
.ok(() => true);
expect(response2.statusCode).to.equal(401); // token is gone
expect(response2.statusCode).to.equal(200); // token is not gone, since it is persisted
const response3 = await superagent.get(`${serverUrl}/api/v1/profile`)
.query({ access_token: user.token })
.ok(() => true);
expect(response3.statusCode).to.equal(401); // token is gone
});
});
});