From 7e98cd58dd670fd83c0ace5e9c8ef9a0407fd575 Mon Sep 17 00:00:00 2001 From: zeripath Date: Mon, 27 Sep 2021 02:02:01 +0100 Subject: Add SkipLocal2FA option to pam and smtp sources (#17078) * Add SkipLocal2FA option to other pam and smtp sources Extend #16954 to allow setting skip local 2fa on pam and SMTP authentication sources Signed-off-by: Andrew Thornton * make SkipLocal2FA omitempty Signed-off-by: Andrew Thornton Co-authored-by: 6543 <6543@obermui.de> --- services/auth/source/pam/source.go | 5 +++-- services/auth/source/pam/source_authenticate.go | 5 +++++ 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'services/auth/source/pam') diff --git a/services/auth/source/pam/source.go b/services/auth/source/pam/source.go index 0bfa7cdb06..73850cd9a2 100644 --- a/services/auth/source/pam/source.go +++ b/services/auth/source/pam/source.go @@ -19,8 +19,9 @@ import ( // Source holds configuration for the PAM login source. type Source struct { - ServiceName string // pam service (e.g. system-auth) - EmailDomain string + ServiceName string // pam service (e.g. system-auth) + EmailDomain string + SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source // reference to the loginSource loginSource *login.Source diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go index ad6fbb5cce..cb5ffc2861 100644 --- a/services/auth/source/pam/source_authenticate.go +++ b/services/auth/source/pam/source_authenticate.go @@ -69,3 +69,8 @@ func (source *Source) Authenticate(user *models.User, userName, password string) return user, nil } + +// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication +func (source *Source) IsSkipLocalTwoFA() bool { + return source.SkipLocalTwoFA +} -- cgit v1.2.3