Disallow LDAP bind if trap is set; support setting trap from user form
This commit is contained in:
garrettmills
@@ -7,6 +7,24 @@ class AuthController extends Controller {
|
||||
return [...super.services, 'models', 'auth', 'MFA', 'output', 'configs', 'utility']
|
||||
}
|
||||
|
||||
async get_traps(req, res, next) {
|
||||
const trap_config = this.configs.get('traps')
|
||||
const data = [{ name: '(None)', trap: '', redirect_to: '/' }]
|
||||
for ( const name in trap_config.types ) {
|
||||
if ( !trap_config.types.hasOwnProperty(name) ) continue
|
||||
data.push({
|
||||
name: name.replace(/_/g, ' ')
|
||||
.split(' ')
|
||||
.map(x => x.charAt(0).toUpperCase() + x.substr(1))
|
||||
.join(' '),
|
||||
trap: name,
|
||||
redirect_to: trap_config.types[name].redirect_to
|
||||
})
|
||||
}
|
||||
|
||||
return res.api(data)
|
||||
}
|
||||
|
||||
async registration(req, res, next) {
|
||||
const User = this.models.get('auth:User')
|
||||
const required_fields = ['first_name', 'last_name', 'uid', 'email']
|
||||
@@ -230,6 +248,15 @@ class AuthController extends Controller {
|
||||
if ( req.body.tagline )
|
||||
user.tagline = req.body.tagline
|
||||
|
||||
if ( req.body.trap ) {
|
||||
if ( !req.trap.trap_exists(req.body.trap) )
|
||||
return res.status(400)
|
||||
.message('Invalid trap type.')
|
||||
.api()
|
||||
|
||||
user.trap = req.body.trap
|
||||
}
|
||||
|
||||
await user.reset_password(req.body.password, 'create')
|
||||
await user.save()
|
||||
return res.api(await user.to_api())
|
||||
@@ -340,6 +367,16 @@ class AuthController extends Controller {
|
||||
else
|
||||
user.tagline = ''
|
||||
|
||||
if ( req.body.trap ) {
|
||||
if ( !req.trap.trap_exists(req.body.trap) )
|
||||
return res.status(400)
|
||||
.message('Invalid trap type.')
|
||||
.api()
|
||||
|
||||
user.trap = req.body.trap
|
||||
} else
|
||||
user.trap = ''
|
||||
|
||||
await user.save()
|
||||
return res.api()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user