fix(password): force change password EE-6382 (#10708)

pull/10716/head
cmeng 1 year ago committed by GitHub
parent e3a995d515
commit 5c59c53e91
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -30,6 +30,11 @@ type CurrentUserInspectResponse struct {
// @failure 500 "Server error" // @failure 500 "Server error"
// @router /users/me [get] // @router /users/me [get]
func (handler *Handler) userInspectMe(w http.ResponseWriter, r *http.Request) *httperror.HandlerError { func (handler *Handler) userInspectMe(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
tokenData, err := security.RetrieveTokenData(r)
if err != nil {
return httperror.InternalServerError("Unable to retrieve user authentication token", err)
}
securityContext, err := security.RetrieveRestrictedRequestContext(r) securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil { if err != nil {
return httperror.InternalServerError("Unable to retrieve info from request context", err) return httperror.InternalServerError("Unable to retrieve info from request context", err)
@ -42,8 +47,12 @@ func (handler *Handler) userInspectMe(w http.ResponseWriter, r *http.Request) *h
return httperror.InternalServerError("Unable to find a user with the specified identifier inside the database", err) return httperror.InternalServerError("Unable to find a user with the specified identifier inside the database", err)
} }
forceChangePassword := !handler.passwordStrengthChecker.Check(user.Password)
hideFields(user) hideFields(user)
return response.JSON(w, &CurrentUserInspectResponse{User: user, ForceChangePassword: forceChangePassword}) return response.JSON(
w,
&CurrentUserInspectResponse{
User: user,
ForceChangePassword: tokenData.ForceChangePassword,
},
)
} }
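Review bot: The response now takes `ForceChangePassword` from the JWT claim (`tokenData.ForceChangePassword`) instead of re-evaluating `user.Password` on each request, so the value is frozen at token issuance and will not change until the client obtains a new token; unless the change-password flow re-issues a token (not visible here), a user who has just set a compliant password could keep being forced to change it, and the reverse holds when the strength policy is toggled while tokens are live. Worth confirming that the password-change endpoint refreshes the token, and documenting the contract on the response field: `// ForceChangePassword mirrors the claim embedded in the caller's JWT when it was issued; it is not recomputed per request`. The `RetrieveTokenData` failure is reported as a 500 in line with the surrounding context-retrieval errors, which reads as intended. The body of userInspectMe between the two hunks is outside this view.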

@ -126,10 +126,11 @@ func (service *Service) ParseAndVerifyToken(token string) (*portainer.TokenData,
} }
return &portainer.TokenData{ return &portainer.TokenData{
ID: portainer.UserID(cl.UserID), ID: portainer.UserID(cl.UserID),
Username: cl.Username, Username: cl.Username,
Role: portainer.UserRole(cl.Role), Role: portainer.UserRole(cl.Role),
Token: token, Token: token,
ForceChangePassword: cl.ForceChangePassword,
}, nil }, nil
} }
} }
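Review bot: Tokens issued before this claim existed presumably have no `ForceChangePassword` field, so `cl.ForceChangePassword` decodes to the zero value false and those sessions are never prompted until they re-authenticate; if the rollout expects users with existing weak passwords to be prompted, a missing claim would need different handling (treating absence distinctly, or invalidating pre-existing tokens) rather than silently reading as false. A short comment on the copied field would make this explicit for the next reader: `// ForceChangePassword is absent from tokens issued before this claim was introduced and then decodes as false`. ParseAndVerifyToken starts outside the hunk, so whether the claims were signature-verified before this point cannot be confirmed from here.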
