public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-15 19:06:03 +00:00
Code Issues Releases Wiki Activity

[Web] Fix force password update at next login

Browse Source
This commit is contained in:
FreddleSpl0it
2025-04-15 13:48:13 +02:00
parent a370499aaa
commit cb47fa406f
4 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
data/web/inc/functions.auth.inc.php
View File

@@ -242,6 +242,7 @@ function user_login($user, $pass, $extra = null){
return false;
}
$row['attributes'] = json_decode($row['attributes'], true);
switch ($row['authsource']) {
case 'keycloak':
// user authsource is keycloak, try using via rest flow
@@ -261,6 +262,10 @@ function user_login($user, $pass, $extra = null){
return false;
}
if (intval($row['attributes']['force_pw_update']) == 1) {
$_SESSION['pending_pw_update'] = true;
}
// check for tfa authenticators
$authenticators = get_tfa($user);
if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 && !$is_internal) {
@@ -313,6 +318,10 @@ function user_login($user, $pass, $extra = null){
return false;
}
if (intval($row['attributes']['force_pw_update']) == 1) {
$_SESSION['pending_pw_update'] = true;
}
// check for tfa authenticators
$authenticators = get_tfa($user);
if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 && !$is_internal) {
@@ -351,6 +360,11 @@ function user_login($user, $pass, $extra = null){
}
// verify password
if (verify_hash($row['password'], $pass) !== false) {
if (intval($row['attributes']['force_pw_update']) == 1) {
$_SESSION['pending_pw_update'] = true;
}
// check for tfa authenticators
$authenticators = get_tfa($user);
if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 && !$is_internal) {