From c5f3ff39e5351ac911418c432dac235c5aefec9e Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Wed, 28 Sep 2022 16:00:32 +0200 Subject: Ask password reset/email verif error handling With a user that uses a plugin authentication --- server/controllers/api/users/index.ts | 2 +- server/middlewares/validators/users.ts | 14 ++++++++++++++ server/tests/external-plugins/auth-ldap.ts | 8 ++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) (limited to 'server') diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 0b27d5277..07b9ae395 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts @@ -343,7 +343,7 @@ async function askResetUserPassword (req: express.Request, res: express.Response const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString - await Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url) + Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url) return res.status(HttpStatusCode.NO_CONTENT_204).end() } diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 2de5265fb..eb693318f 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts @@ -411,6 +411,13 @@ const usersAskResetPasswordValidator = [ return res.status(HttpStatusCode.NO_CONTENT_204).end() } + if (res.locals.user.pluginAuth) { + return res.fail({ + status: HttpStatusCode.CONFLICT_409, + message: 'Cannot recover password of a user that uses a plugin authentication.' + }) + } + return next() } ] @@ -454,6 +461,13 @@ const usersAskSendVerifyEmailValidator = [ return res.status(HttpStatusCode.NO_CONTENT_204).end() } + if (res.locals.user.pluginAuth) { + return res.fail({ + status: HttpStatusCode.CONFLICT_409, + message: 'Cannot ask verification email of a user that uses a plugin authentication.' + }) + } + return next() } ] diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts index d7f155d2a..6f6a574a0 100644 --- a/server/tests/external-plugins/auth-ldap.ts +++ b/server/tests/external-plugins/auth-ldap.ts @@ -94,6 +94,14 @@ describe('Official plugin auth-ldap', function () { await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } }) }) + it('Should not be able to ask password reset', async function () { + await server.users.askResetPassword({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 }) + }) + + it('Should not be able to ask email verification', async function () { + await server.users.askSendVerifyEmail({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 }) + }) + it('Should not login if the plugin is uninstalled', async function () { await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' }) -- cgit v1.2.3