LDAP users should not be subject to password guess limits or email verification (#3245)

author: Christopher Speller <crspeller@gmail.com> 2016-06-05 02:38:36 -0400
committer: enahum <nahumhbl@gmail.com> 2016-06-05 03:38:36 -0300
commit: 919eea73b6134e6bc0277b7a29d8dc687ff52bf7 (patch)
tree: 17c22acf282a4b39ba51c23aaf60b1d870814e07 /api
parent: 8936d67044fc04476ec8e542bf9835f35ad39a0a (diff)
download: chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.tar.gz
chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.tar.bz2
chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/api/authentication.go b/api/authentication.go
index d30fc0a1f..42a395253 100644
--- a/api/authentication.go
+++ b/api/authentication.go
@@ -56,9 +56,12 @@ func checkLdapUserPasswordAndAllCriteria(ldapId *string, password string, mfaTok
 		user = ldapUser
 	}
 
-	if err := checkUserAdditionalAuthenticationCriteria(user, mfaToken); err != nil {
-		err.StatusCode = http.StatusUnauthorized
-		return user, err
+	if err := checkUserMfa(user, mfaToken); err != nil {
+		return nil, err
+	}
+
+	if err := checkUserNotDisabled(user); err != nil {
+		return nil, err
 	}
 
 	// user successfully authenticated
author	Christopher Speller <crspeller@gmail.com>	2016-06-05 02:38:36 -0400
committer	enahum <nahumhbl@gmail.com>	2016-06-05 03:38:36 -0300
commit	919eea73b6134e6bc0277b7a29d8dc687ff52bf7 (patch)
tree	17c22acf282a4b39ba51c23aaf60b1d870814e07 /api
parent	8936d67044fc04476ec8e542bf9835f35ad39a0a (diff)
download	chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.tar.gz chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.tar.bz2 chat-919eea73b6134e6bc0277b7a29d8dc687ff52bf7.zip