From ce983e8b05d17adbf6b8228b990e5a512835ca56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sun, 26 Nov 2023 00:01:39 +0100
Subject: Allow plain mecanism for users login

---
 systems/eldiron/base.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'systems')

diff --git a/systems/eldiron/base.nix b/systems/eldiron/base.nix
index 24e05fe..a77a438 100644
--- a/systems/eldiron/base.nix
+++ b/systems/eldiron/base.nix
@@ -175,7 +175,7 @@
         table = ldap_users
         user_column = login
         pw_type = function
-        auth_query = SELECT (mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u
+        auth_query = SELECT ((mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) OR (mechanism = 'PLAIN' AND password = %p)) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u
         #pwd_query = WITH newsalt as (select gen_random_bytes(4)) UPDATE ldap_users SET password = encode(digest( %p || (SELECT * FROM newsalt), 'sha1'), 'hex'), salt = (SELECT * FROM newsalt), mechanism = 'SSHA' WHERE login = %u OR login || '@' || realm = %u
       '';
     };
-- 
cgit v1.2.3