Fix LDAP login: ensure password encoding and include user in response
- Fix password encoding: Convert password to UTF-8 bytes for LDAP protocol compatibility - Add 'user' field to TokenResponse schema for frontend compatibility - Update login endpoint to populate user object in response - Resolves 'Invalid Protocol Password' error on LDAP login attempts The issue was that frontend expected response.user but backend only returned individual fields (user_id, username, role), causing localStorage assignment to fail.
This commit is contained in:
@@ -67,7 +67,9 @@ def authenticate_ldap(username, password):
|
||||
user_dn = config["user_template"].format(username=safe_username_rdn)
|
||||
log.debug(f"LDAP: Attempting bind for DN: {user_dn}")
|
||||
|
||||
conn = ldap3.Connection(server, user=user_dn, password=password, auto_bind=True)
|
||||
# [FIX] Ensure password is UTF-8 encoded for LDAP protocol
|
||||
password_bytes = password.encode('utf-8') if isinstance(password, str) else password
|
||||
conn = ldap3.Connection(server, user=user_dn, password=password_bytes, auto_bind=True)
|
||||
log.debug(f"LDAP: Bind successful for {user_dn}")
|
||||
|
||||
# Search for the user to get their CANONICAL DN
|
||||
@@ -250,7 +252,8 @@ def login(request: Request, form_data: schemas.UserLogin, db: Session = Depends(
|
||||
token_type="bearer",
|
||||
user_id=user.id,
|
||||
username=user.username,
|
||||
role=user.role
|
||||
role=user.role,
|
||||
user=schemas.User(id=user.id, username=user.username, role=user.role, origin=user.origin)
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -42,3 +42,4 @@ class TokenResponse(BaseModel):
|
||||
user_id: int
|
||||
username: str
|
||||
role: str
|
||||
user: Optional['User'] = None # For frontend compatibility
|
||||
|
||||
Reference in New Issue
Block a user