From 17be64549845a53f3954f0f2190c085affe7a13f Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Thu, 20 May 2021 09:29:57 +0100
Subject: Encrypt LDAP bind password in db with SECRET_KEY (#15547)

* Encrypt LDAP bind password in db with SECRET_KEY

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove ui warning regarding unencrypted password

Co-authored-by: silverwind <me@silverwind.io>
---
 templates/admin/auth/edit.tmpl        | 1 -
 templates/admin/auth/source/ldap.tmpl | 1 -
 2 files changed, 2 deletions(-)

(limited to 'templates/admin')

diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl
index e4d7a2e1e1..d825cd7d12 100644
--- a/templates/admin/auth/edit.tmpl
+++ b/templates/admin/auth/edit.tmpl
@@ -53,7 +53,6 @@
 						<div class="field">
 							<label for="bind_password">{{.i18n.Tr "admin.auths.bind_password"}}</label>
 							<input id="bind_password" name="bind_password" type="password" value="{{$cfg.BindPassword}}">
-							<p class="help text red">{{.i18n.Tr "admin.auths.bind_password_helper"}}</p>
 						</div>
 					{{end}}
 					<div class="{{if .Source.IsLDAP}}required{{end}} field">
diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl
index 584538f53b..1cbcb2fd41 100644
--- a/templates/admin/auth/source/ldap.tmpl
+++ b/templates/admin/auth/source/ldap.tmpl
@@ -28,7 +28,6 @@
 	<div class="ldap field {{if not (eq .type 2)}}hide{{end}}">
 		<label for="bind_password">{{.i18n.Tr "admin.auths.bind_password"}}</label>
 		<input id="bind_password" name="bind_password" type="password" autocomplete="off" value="{{.bind_password}}">
-		<p class="help text red">{{.i18n.Tr "admin.auths.bind_password_helper"}}</p>
 	</div>
 	<div class="binddnrequired {{if (eq .type 2)}}required{{end}} field">
 		<label for="user_base">{{.i18n.Tr "admin.auths.user_base"}}</label>
-- 
cgit v1.2.3