[Feature] improve ldap user management

[zhoulii]

Search before asking

• [X] I had searched in the feature and found no similar feature requirement.

Description

Streampark support Sign in with LDAP or Sign in with password.

Suppose there is a LDAP user {name:user_a，password:123}, when this user login for the first time, Streampark will create a user {name:user_a，password:123}(here we ignore the encryption) in user system. This will lead two security problems:

• user_a are able to Sign in with password no matter what the status of LDAP service
• if user_a's password is changed in LDAP, before Sign in with LDAP again, user_a can still sign in with the old password.

So I propose to forbid LDAP user Sign in with password. Besides, the LDAP user is usually managed by some LDAP client, reset the password of a LDAP user in Streampark is unreasonable, we should hide the reset button for LDAP user in Streampark webui.

Usage Scenario

No response

Related issues

No response

Are you willing to submit a PR?

• [X] Yes I am willing to submit a PR!

Code of Conduct

• [X] I agree to follow this project's Code of Conduct

[zhoulii]

Hi @wolfboys , what's your opinion?

[wolfboys]

Hi @wolfboys , what's your opinion?

great, I agree with you