feat: offline ldap support and ui polish v1.2.4
This commit is contained in:
@@ -152,18 +152,26 @@ def login(form_data: schemas.UserLogin, db: Session = Depends(get_db)):
|
||||
ldap_role = authenticate_ldap(form_data.username, form_data.password)
|
||||
if ldap_role:
|
||||
authenticated = True
|
||||
# Cache hash for offline support
|
||||
new_hash = get_password_hash(form_data.password)
|
||||
|
||||
# If user doesn't exist locally, create a stub for role management
|
||||
if not user:
|
||||
user = models.User(username=form_data.username, role=ldap_role, origin="ldap")
|
||||
user = models.User(
|
||||
username=form_data.username,
|
||||
role=ldap_role,
|
||||
origin="ldap",
|
||||
hashed_password=new_hash
|
||||
)
|
||||
db.add(user)
|
||||
db.commit()
|
||||
db.refresh(user)
|
||||
else:
|
||||
# Update role if it changed in LDAP
|
||||
if user.role != ldap_role:
|
||||
user.role = ldap_role
|
||||
db.commit()
|
||||
db.refresh(user)
|
||||
# Update role if it changed in LDAP and refresh cached hash
|
||||
user.role = ldap_role
|
||||
user.hashed_password = new_hash
|
||||
db.commit()
|
||||
db.refresh(user)
|
||||
else:
|
||||
raise HTTPException(status_code=400, detail="Invalid username or password, or insufficient permissions")
|
||||
|
||||
|
||||
Reference in New Issue
Block a user