jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

mandatory2fa: fix workflow when using external LDAP

Browse Source 
* Always allow the mandatory 2fa setting to be saved
* Show warning for user if they have no 2fa setup and if not external 2fa
* If they get locked out anyway, they have to use CLI tool
* redirect for mandatory 2fa only if not external 2fa as well
This commit is contained in:
Girish Ramakrishnan
2024-05-25 12:54:40 +02:00
parent 077f95049e
commit d34b102e52
8 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/user-directory.js
+1 -1
View File
@@ -26,7 +26,7 @@ async function setProfileConfig(req, res, next) {
if (typeof req.body.lockUserProfiles !== 'boolean') return next(new HttpError(400, 'lockUserProfiles is required'));
if (typeof req.body.mandatory2FA !== 'boolean') return next(new HttpError(400, 'mandatory2FA is required'));
const [error] = await safe(userDirectory.setProfileConfig(req.body, AuditSource.fromRequest(req)));
const [error] = await safe(userDirectory.setProfileConfig(req.body, { persistUserIdSessions: req.user.id }, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));