mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-05-12 15:28:20 +00:00
Ilyas
a9eac7edd2
* fix(ldap): pass through LDAP mail attribute instead of crafting email TinyAuth was constructing LDAP user emails as username@CookieDomain instead of using the mail attribute stored in the directory. This caused OIDC clients like Grafana to receive a synthetic email rather than the real one. Rename GetUserDN to GetUserInfo and extend it to also fetch the mail attribute in the same LDAP query. Thread the result through UserSearch and use it in both the login flow and the basic auth middleware, falling back to the crafted email only when LDAP returns no mail value. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * chore: add ldap email logic back after main merge --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Stavros <steveiliop56@gmail.com>
27 lines
462 B
Go
27 lines
462 B
Go
package model
|
|
|
|
type UserSearchType int
|
|
|
|
const (
|
|
UserLocal UserSearchType = iota
|
|
UserLDAP
|
|
)
|
|
|
|
type LDAPUser struct {
|
|
DN string
|
|
Groups []string
|
|
}
|
|
|
|
type LocalUser struct {
|
|
Username string
|
|
Password string
|
|
TOTPSecret string
|
|
Attributes UserAttributes
|
|
}
|
|
|
|
type UserSearch struct {
|
|
Username string
|
|
Email string // used for LDAP, we can't throw it to LDAPUser because it would need another cache or an LDAP lookup every time
|
|
Type UserSearchType
|
|
}
|