public-offering
/
cal.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Bugfix/allow impersonation non cal id p (#7689) 

* Only require a password when IdP is CAL

* Also require twoFactorEnabled
pull/7284/head^2
Alex van Andel 2023-03-15 14:52:32 +00:00 committed by GitHub
parent d778fe6a1b
commit fcb06a131b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
packages/features/auth/lib/next-auth-options.ts
View File

@ -165,7 +165,12 @@ const providers: Provider[] = [
}).length > 0; }).length > 0;
// authentication success- but does it meet the minimum password requirements? // authentication success- but does it meet the minimum password requirements?
if (user.role === "ADMIN" && !isPasswordValid(credentials.password, false, true)) { if (
user.role === "ADMIN" &&
((user.identityProvider === IdentityProvider.CAL &&
!isPasswordValid(credentials.password, false, true)) ||
!user.twoFactorEnabled)
) {
return { return {
id: user.id, id: user.id,
username: user.username, username: user.username,