TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: check login policy before register and password check (#2611)

Browse Source 
* fix: check login policy before register and password check

* remove accidentally pushed overwrite

* Update en.yaml
This commit is contained in:
Livio Amstutz
2021-11-08 08:42:07 +01:00
committed by GitHub
parent 17e00f8204
commit af1f10b7ca
7 changed files with 339 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
internal/command/user_human_password.go
View File

@@ -4,6 +4,7 @@ import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/crypto"
"github.com/caos/zitadel/internal/domain"
caos_errs "github.com/caos/zitadel/internal/errors"
@@ -206,6 +207,14 @@ func (c *Commands) HumanCheckPassword(ctx context.Context, orgID, userID, passwo
return caos_errs.ThrowInvalidArgument(nil, "COMMAND-3n8fs", "Errors.User.Password.Empty")
}
loginPolicy, err := c.getOrgLoginPolicy(ctx, orgID)
if err != nil {
return caos_errs.ThrowPreconditionFailed(err, "COMMAND-Edf3g", "Errors.Org.LoginPolicy.NotFound")
}
if !loginPolicy.AllowUsernamePassword {
return caos_errs.ThrowPreconditionFailed(err, "COMMAND-Dft32", "Errors.Org.LoginPolicy.UsernamePasswordNotAllowed")
}
existingPassword, err := c.passwordWriteModel(ctx, userID, orgID)
if err != nil {
return err