admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-20 03:12:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add manual login option and password reset link for SSO (#6328)

Browse Source 
* consolidate IUserSettings in workflow and add allowSSOManualLogin

* add pw reset link to owners ui
This commit is contained in:
Michael Auerswald
2023-05-30 12:52:02 +02:00
committed by GitHub
parent 8f0ff460b1
commit 77e3f1551d
15 changed files with 215 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
packages/cli/src/controllers/passwordReset.controller.ts
View File

@@ -1,5 +1,4 @@
import { IsNull, MoreThanOrEqual, Not } from 'typeorm';
import { v4 as uuid } from 'uuid';
import validator from 'validator';
import { Get, Post, RestController } from '@/decorators';
import {
@@ -25,6 +24,7 @@ import type { IDatabaseCollections, IExternalHooksClass, IInternalHooksClass } f
import { issueCookie } from '@/auth/jwt';
import { isLdapEnabled } from '@/Ldap/helpers';
import { isSamlCurrentAuthenticationMethod } from '../sso/ssoHelpers';
import { UserService } from '../user/user.service';
@RestController()
export class PasswordResetController {
@@ -103,7 +103,10 @@ export class PasswordResetController {
relations: ['authIdentities', 'globalRole'],
});
if (isSamlCurrentAuthenticationMethod() && user?.globalRole.name !== 'owner') {
if (
isSamlCurrentAuthenticationMethod() &&
!(user?.globalRole.name === 'owner' || user?.settings?.allowSSOManualLogin === true)
) {
this.logger.debug(
'Request to send password reset email failed because login is handled by SAML',
);
@@ -126,18 +129,9 @@ export class PasswordResetController {
throw new UnprocessableRequestError('forgotPassword.ldapUserPasswordResetUnavailable');
}
user.resetPasswordToken = uuid();
const { id, firstName, lastName, resetPasswordToken } = user;
const resetPasswordTokenExpiration = Math.floor(Date.now() / 1000) + 7200;
await this.userRepository.update(id, { resetPasswordToken, resetPasswordTokenExpiration });
const baseUrl = getInstanceBaseUrl();
const url = new URL(`${baseUrl}/change-password`);
url.searchParams.append('userId', id);
url.searchParams.append('token', resetPasswordToken);
const { id, firstName, lastName } = user;
const url = UserService.generatePasswordResetUrl(user);
try {
await this.mailer.passwordReset({