Resolve "Allow using Django-local accounts in addition to LDAP accounts" (!501) · Merge requests · AlekSIS® / Official / AlekSIS-Core

Nik | Klampfradler requested to merge 389-allow-using-django-local-accounts-in-addition-to-ldap-accounts into master Feb 25, 2021

This approach moves the check for the SET_USABLE_PASSWORD setting to happen before failing authentication. If we do not handle passwords, we allow logging in with whatever is there.

The default behaviour remains to fail authentication for users that are not found in LDAP for the security reasons pointed out in #389 (closed).

Closes #388, #389 (closed)

@debdolph We have to check what this does to the password changing feature. How does it behave if we disable usable Django passwords, and do we need to disable the feature then?

Edited Apr 04, 2021 by Tom Teichler

Resolve "Allow using Django-local accounts in addition to LDAP accounts"

Merge request reports