LDAP users should not be subject to password guess limits or email verification (#3245)

2025-02-25 18:55:24 -06:00 · 2016-06-05 02:38:36 -04:00
parent 8936d67044
commit 919eea73b6
1 changed files with 6 additions and 3 deletions
--- a/api/authentication.go
+++ b/api/authentication.go
@@ -56,9 +56,12 @@ func checkLdapUserPasswordAndAllCriteria(ldapId *string, password string, mfaTok
 		user = ldapUser
 	}

-	if err := checkUserAdditionalAuthenticationCriteria(user, mfaToken); err != nil {
-		err.StatusCode = http.StatusUnauthorized
-		return user, err
+	if err := checkUserMfa(user, mfaToken); err != nil {
+		return nil, err
+	}
+
+	if err := checkUserNotDisabled(user); err != nil {
+		return nil, err
 	}

 	// user successfully authenticated