public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-22 06:11:32 +00:00
Code Issues Releases Wiki Activity

[Web] fix app_pass ignore_access

Browse Source
This commit is contained in:
FreddleSpl0it
2023-03-14 14:38:28 +01:00
committed by DerLinkman
parent eba1d469c8
commit 13f8882616
1 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
data/web/inc/functions.auth.inc.php
View File

@@ -133,7 +133,7 @@ function mailcow_mbox_login($user, $pass, $app_passwd_data = false, $is_internal
AND `app_passwd`.`mailbox` = :user"; AND `app_passwd`.`mailbox` = :user";
// check if app password has protocol access // check if app password has protocol access
// skip if $app_passwd_data['ignore_hasaccess'] is true and the call is not external // skip if $app_passwd_data['ignore_hasaccess'] is true and the call is not external
if (!$app_passwd_data['ignore_hasaccess'] || !$is_internal){ if (!$is_internal || ($is_internal && !$app_passwd_data['ignore_hasaccess'])){
$app_passwd_query = $app_passwd_query . " AND `app_passwd`.`" . $is_app_passwd . "_access` = '1'"; $app_passwd_query = $app_passwd_query . " AND `app_passwd`.`" . $is_app_passwd . "_access` = '1'";
} }
// fetch password data // fetch password data
@@ -168,14 +168,11 @@ function mailcow_mbox_login($user, $pass, $app_passwd_data = false, $is_internal
// Reactivate TFA if it was set to "deactivate TFA for next login" // Reactivate TFA if it was set to "deactivate TFA for next login"
$stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user"); $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
$stmt->execute(array(':user' => $user)); $stmt->execute(array(':user' => $user));
if (!$is_internal){ $_SESSION['return'][] = array(
// skip log 'type' => 'success',
$_SESSION['return'][] = array( 'log' => array(__FUNCTION__, $user, '*'),
'type' => 'success', 'msg' => array('logged_in_as', $user)
'log' => array(__FUNCTION__, $user, '*'), );
'msg' => array('logged_in_as', $user)
);
}
} }
return "user"; return "user";
} }