Encrypt LDAP bind password in db with SECRET_KEY (#15547)

* Encrypt LDAP bind password in db with SECRET_KEY The LDAP source bind password are currently stored in plaintext in the db This PR simply encrypts them with the setting.SECRET_KEY. Fix #15460 Signed-off-by: Andrew Thornton <art27@cantab.net> * remove ui warning regarding unencrypted password Co-authored-by: silverwind <me@silverwind.io>
author: zeripath <art27@cantab.net> 2021-05-20 09:29:57 +0100
committer: GitHub <noreply@github.com> 2021-05-20 09:29:57 +0100
commit: 17be64549845a53f3954f0f2190c085affe7a13f (patch)
tree: fb9b1afc48cd1b7541ebe71bf8d4dbbffa6375be /docs
parent: 124b256c53a80e56df7465d2039c8d2a5f6fae2d (diff)
download: gitea-17be64549845a53f3954f0f2190c085affe7a13f.tar.gz
gitea-17be64549845a53f3954f0f2190c085affe7a13f.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/content/doc/features/authentication.en-us.md b/docs/content/doc/features/authentication.en-us.md
index 0c83fa4d2f..223d7aa4fb 100644
--- a/docs/content/doc/features/authentication.en-us.md
+++ b/docs/content/doc/features/authentication.en-us.md
@@ -88,8 +88,8 @@ Adds the following fields:
 - Bind Password (optional)
 
   - The password for the Bind DN specified above, if any. _Note: The password
-    is stored in plaintext at the server. As such, ensure that the Bind DN
-    has as few privileges as possible._
+    is stored encrypted with the SECRET_KEY on the server. It is still recommended
+    to ensure that the Bind DN has as few privileges as possible._
 
 - User Search Base **(required)**
author	zeripath <art27@cantab.net>	2021-05-20 09:29:57 +0100
committer	GitHub <noreply@github.com>	2021-05-20 09:29:57 +0100
commit	17be64549845a53f3954f0f2190c085affe7a13f (patch)
tree	fb9b1afc48cd1b7541ebe71bf8d4dbbffa6375be /docs
parent	124b256c53a80e56df7465d2039c8d2a5f6fae2d (diff)
download	gitea-17be64549845a53f3954f0f2190c085affe7a13f.tar.gz gitea-17be64549845a53f3954f0f2190c085affe7a13f.zip