causefx / Organizr

HTPC/Homelab Services Organizer - Written in PHP
GNU General Public License v3.0
5.2k stars 292 forks source link

Password fields in the Account Settings/User Information window are not blocked when authentication is set to Backend/LDAP #1662

Open tmkklivecom opened 3 years ago

tmkklivecom commented 3 years ago
Organizr Version: V 2.1.333
Branch: Master/Develop
WebServer: Nginx/Apache
Operating System: Docker

Problem Description:

When authentication is set to Backend/LDAP, the Password and Verify Password fields in the Account Settings/User Information window are not blocked. When Users utilize these fields they get an impression that they changed the password while in fact they didn't.

1245 blocked password recover with mail. There is a need for similar fix that blocks the Password and Verify Password fields in the Account Settings/User Information window when authentication is set to backend/ldap.


Reproduction Steps:

Authentication set to Backend/Ldap . User (hosted on the ldap) signed in. User goes to Account settings in the upper right corner. User changes password. User cannot successfuly sign in with the new password .


Capture

github-actions[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

wcocaboose commented 3 years ago

Organizr Version: V 2.1.496 Branch: Master/Develop WebServer: Nginx/Apache Operating System: Docker

Using tmkklivecom's steps this issue is reproducible in my Organizr / ldap implementation.