aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--server/controllers/api/users/index.ts2
-rw-r--r--server/middlewares/validators/users.ts14
-rw-r--r--server/tests/external-plugins/auth-ldap.ts8
3 files changed, 23 insertions, 1 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index 0b27d5277..07b9ae395 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -343,7 +343,7 @@ async function askResetUserPassword (req: express.Request, res: express.Response
343 343
344 const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) 344 const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id)
345 const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString 345 const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString
346 await Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url) 346 Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url)
347 347
348 return res.status(HttpStatusCode.NO_CONTENT_204).end() 348 return res.status(HttpStatusCode.NO_CONTENT_204).end()
349} 349}
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 2de5265fb..eb693318f 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -411,6 +411,13 @@ const usersAskResetPasswordValidator = [
411 return res.status(HttpStatusCode.NO_CONTENT_204).end() 411 return res.status(HttpStatusCode.NO_CONTENT_204).end()
412 } 412 }
413 413
414 if (res.locals.user.pluginAuth) {
415 return res.fail({
416 status: HttpStatusCode.CONFLICT_409,
417 message: 'Cannot recover password of a user that uses a plugin authentication.'
418 })
419 }
420
414 return next() 421 return next()
415 } 422 }
416] 423]
@@ -454,6 +461,13 @@ const usersAskSendVerifyEmailValidator = [
454 return res.status(HttpStatusCode.NO_CONTENT_204).end() 461 return res.status(HttpStatusCode.NO_CONTENT_204).end()
455 } 462 }
456 463
464 if (res.locals.user.pluginAuth) {
465 return res.fail({
466 status: HttpStatusCode.CONFLICT_409,
467 message: 'Cannot ask verification email of a user that uses a plugin authentication.'
468 })
469 }
470
457 return next() 471 return next()
458 } 472 }
459] 473]
diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts
index d7f155d2a..6f6a574a0 100644
--- a/server/tests/external-plugins/auth-ldap.ts
+++ b/server/tests/external-plugins/auth-ldap.ts
@@ -94,6 +94,14 @@ describe('Official plugin auth-ldap', function () {
94 await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } }) 94 await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } })
95 }) 95 })
96 96
97 it('Should not be able to ask password reset', async function () {
98 await server.users.askResetPassword({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
99 })
100
101 it('Should not be able to ask email verification', async function () {
102 await server.users.askSendVerifyEmail({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
103 })
104
97 it('Should not login if the plugin is uninstalled', async function () { 105 it('Should not login if the plugin is uninstalled', async function () {
98 await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' }) 106 await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' })
99 107