forked from potsda.mn/mobilizon
Fix 3rd-party auth issues
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
1d2038c9a0
commit
69841cbb45
|
@ -708,5 +708,7 @@
|
||||||
"Your email address was automatically set based on your {provider} account.": "Your email address was automatically set based on your {provider} account.",
|
"Your email address was automatically set based on your {provider} account.": "Your email address was automatically set based on your {provider} account.",
|
||||||
"You can't change your password because you are registered through {provider}.": "You can't change your password because you are registered through {provider}.",
|
"You can't change your password because you are registered through {provider}.": "You can't change your password because you are registered through {provider}.",
|
||||||
"Error while login with {provider}. Retry or login another way.": "Error while login with {provider}. Retry or login another way.",
|
"Error while login with {provider}. Retry or login another way.": "Error while login with {provider}. Retry or login another way.",
|
||||||
"Error while login with {provider}. This login provider doesn't exist.": "Error while login with {provider}. This login provider doesn't exist."
|
"Error while login with {provider}. This login provider doesn't exist.": "Error while login with {provider}. This login provider doesn't exist.",
|
||||||
|
"This user has been disabled": "This user has been disabled",
|
||||||
|
"You can't reset your password because you use a 3rd-party auth provider to login.": "You can't reset your password because you use a 3rd-party auth provider to login."
|
||||||
}
|
}
|
||||||
|
|
|
@ -708,5 +708,7 @@
|
||||||
"Your email address was automatically set based on your {provider} account.": "Votre adresse email a été définie automatiquement en se basant sur votre compte {provider}.",
|
"Your email address was automatically set based on your {provider} account.": "Votre adresse email a été définie automatiquement en se basant sur votre compte {provider}.",
|
||||||
"You can't change your password because you are registered through {provider}.": "Vous ne pouvez pas changer votre mot de passe car vous vous êtes enregistré via {provider}.",
|
"You can't change your password because you are registered through {provider}.": "Vous ne pouvez pas changer votre mot de passe car vous vous êtes enregistré via {provider}.",
|
||||||
"Error while login with {provider}. Retry or login another way.": "Erreur lors de la connexion avec {provider}. Réessayez ou bien connectez vous autrement.",
|
"Error while login with {provider}. Retry or login another way.": "Erreur lors de la connexion avec {provider}. Réessayez ou bien connectez vous autrement.",
|
||||||
"Error while login with {provider}. This login provider doesn't exist.": "Erreur lors de la connexion avec {provider}. Cette méthode de connexion n'existe pas."
|
"Error while login with {provider}. This login provider doesn't exist.": "Erreur lors de la connexion avec {provider}. Cette méthode de connexion n'existe pas.",
|
||||||
|
"This user has been disabled": "Cet utilisateur·ice a été désactivé·e",
|
||||||
|
"You can't reset your password because you use a 3rd-party auth provider to login.": "Vous ne pouvez pas réinitialiser votre mot de passe car vous vous connectez via une méthode externe."
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,4 +8,9 @@ export enum LoginError {
|
||||||
USER_EMAIL_PASSWORD_INVALID = "Impossible to authenticate, either your email or password are invalid.",
|
USER_EMAIL_PASSWORD_INVALID = "Impossible to authenticate, either your email or password are invalid.",
|
||||||
LOGIN_PROVIDER_ERROR = "Error with Login Provider",
|
LOGIN_PROVIDER_ERROR = "Error with Login Provider",
|
||||||
LOGIN_PROVIDER_NOT_FOUND = "Login Provider not found",
|
LOGIN_PROVIDER_NOT_FOUND = "Login Provider not found",
|
||||||
|
USER_DISABLED = "This user has been disabled",
|
||||||
|
}
|
||||||
|
|
||||||
|
export enum ResetError {
|
||||||
|
USER_IMPOSSIBLE_TO_RESET = "This user can't reset their password",
|
||||||
}
|
}
|
||||||
|
|
|
@ -54,6 +54,9 @@
|
||||||
<span v-if="error === LoginError.USER_DOES_NOT_EXIST">{{
|
<span v-if="error === LoginError.USER_DOES_NOT_EXIST">{{
|
||||||
$t("No user account with this email was found. Maybe you made a typo?")
|
$t("No user account with this email was found. Maybe you made a typo?")
|
||||||
}}</span>
|
}}</span>
|
||||||
|
<span v-if="error === LoginError.USER_DISABLED">
|
||||||
|
{{ $t("This user has been disabled") }}
|
||||||
|
</span>
|
||||||
</b-message>
|
</b-message>
|
||||||
<form @submit="loginAction">
|
<form @submit="loginAction">
|
||||||
<b-field :label="$t('Email')" label-for="email">
|
<b-field :label="$t('Email')" label-for="email">
|
||||||
|
|
|
@ -19,7 +19,14 @@
|
||||||
:key="error"
|
:key="error"
|
||||||
@close="removeError(error)"
|
@close="removeError(error)"
|
||||||
>
|
>
|
||||||
{{ error }}
|
<span v-if="error == ResetError.USER_IMPOSSIBLE_TO_RESET">
|
||||||
|
{{
|
||||||
|
$t(
|
||||||
|
"You can't reset your password because you use a 3rd-party auth provider to login."
|
||||||
|
)
|
||||||
|
}}
|
||||||
|
</span>
|
||||||
|
<span v-else>{{ error }}</span>
|
||||||
</b-message>
|
</b-message>
|
||||||
<form @submit="sendResetPasswordTokenAction" v-if="!validationSent">
|
<form @submit="sendResetPasswordTokenAction" v-if="!validationSent">
|
||||||
<b-field :label="$t('Email address')">
|
<b-field :label="$t('Email address')">
|
||||||
|
@ -52,6 +59,7 @@ import { Component, Prop, Vue } from "vue-property-decorator";
|
||||||
import { validateEmailField, validateRequiredField } from "../../utils/validators";
|
import { validateEmailField, validateRequiredField } from "../../utils/validators";
|
||||||
import { SEND_RESET_PASSWORD } from "../../graphql/auth";
|
import { SEND_RESET_PASSWORD } from "../../graphql/auth";
|
||||||
import RouteName from "../../router/name";
|
import RouteName from "../../router/name";
|
||||||
|
import { ResetError } from "../../types/login-error-code.model";
|
||||||
|
|
||||||
@Component
|
@Component
|
||||||
export default class SendPasswordReset extends Vue {
|
export default class SendPasswordReset extends Vue {
|
||||||
|
@ -67,6 +75,8 @@ export default class SendPasswordReset extends Vue {
|
||||||
|
|
||||||
errors: string[] = [];
|
errors: string[] = [];
|
||||||
|
|
||||||
|
ResetError = ResetError;
|
||||||
|
|
||||||
state = {
|
state = {
|
||||||
email: {
|
email: {
|
||||||
status: null,
|
status: null,
|
||||||
|
|
|
@ -69,6 +69,9 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
|
||||||
{:error, :user_not_found} ->
|
{:error, :user_not_found} ->
|
||||||
{:error, "No user with this email was found"}
|
{:error, "No user with this email was found"}
|
||||||
|
|
||||||
|
{:error, :disabled_user} ->
|
||||||
|
{:error, "This user has been disabled"}
|
||||||
|
|
||||||
{:error, _error} ->
|
{:error, _error} ->
|
||||||
{:error, "Impossible to authenticate, either your email or password are invalid."}
|
{:error, "Impossible to authenticate, either your email or password are invalid."}
|
||||||
end
|
end
|
||||||
|
|
|
@ -67,13 +67,20 @@ defmodule Mobilizon.Service.Auth.LDAPAuthenticator do
|
||||||
# Then we can verify the user's password
|
# Then we can verify the user's password
|
||||||
:ok <- bind_user(connection, base, uid_field, uid, password) do
|
:ok <- bind_user(connection, base, uid_field, uid, password) do
|
||||||
case fetch_user(email) do
|
case fetch_user(email) do
|
||||||
%User{} = user ->
|
%User{disabled: false} = user ->
|
||||||
user
|
user
|
||||||
|
|
||||||
|
%User{disabled: true} = _user ->
|
||||||
|
{:error, :disabled_user}
|
||||||
|
|
||||||
_ ->
|
_ ->
|
||||||
register_user(email)
|
register_user(email)
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
|
{:error, err}
|
||||||
|
when err in [:ldap_search_email_not_found, :ldap_search_email_not_found] ->
|
||||||
|
{:ldap, err}
|
||||||
|
|
||||||
{:error, error} ->
|
{:error, error} ->
|
||||||
{:error, error}
|
{:error, error}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue