authorPaul Arthur <paul.arthur@flowerysong.com>2011-11-18 15:38:59 -0500
committerPaul Arthur <paul.arthur@flowerysong.com>2011-11-18 15:38:59 -0500
commit914261dcddd1178dd7eb6558095afc6bcdf8ddc9 (patch)
treeb44af2e9a1ad6a24802eb98ffa8d29fc91d928ba
parent20311fe03e46667f8e1ce8efd25d42948038fe0e (diff)
Add the ability to locally cache passwords validated by external means
This can, for instance, be used to allow LDAP authenticated users to use the API without manually setting a password, as long as they've logged in using the web interface at least once.
-rw-r--r--config/ampache.cfg.php.dist7
-rwxr-xr-xdocs/CHANGELOG2
-rw-r--r--login.php5
3 files changed, 14 insertions, 0 deletions
diff --git a/config/ampache.cfg.php.dist b/config/ampache.cfg.php.dist
index 5e76d7e9..dd0da9ad 100644
--- a/config/ampache.cfg.php.dist
+++ b/config/ampache.cfg.php.dist
@@ -85,6 +85,13 @@ session_cookiesecure = 0
; VALUES: mysql,ldap,http,local
auth_methods = "mysql"
+; Automatic local password updating
+; Determines whether successful authentication against an external source
+; will result in an update to the password stored in the database.
+; A locally stored password is needed for API access.
+; DEFAULT: false
+;auth_password_save = "false"
+
; Logout redirection target
; Defaults to our own login.php, but we can override it here if, for instance,
; we want to redirect to an SSO provider instead.
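Review bot: The sample value `;auth_password_save = "false"` is a quoted string, while the check this commit adds in login.php is a plain truthiness test on `Config::get('auth_password_save')`. Unless the config loader (not visible here) converts `"false"` to a boolean, an administrator who uncomments the line unchanged would enable the feature, because a non-empty string is truthy in PHP. The comment block should also say what the administrator is opting into, for example `; The local copy is only refreshed on a successful web login; it is not removed when the external password changes or the external account is disabled.`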
diff --git a/docs/CHANGELOG b/docs/CHANGELOG
index eb3330f4..606f9fbb 100755
--- a/docs/CHANGELOG
+++ b/docs/CHANGELOG
@@ -4,6 +4,8 @@
--------------------------------------------------------------------------
v.3.6-Alpha2
+ - Added the ability to locally cache passwords validated by external
+ means (e.g. to allow LDAP authenticated users to use the API)
- Fixed session handling to actually use our custom handler
(reported by ss23)
- Fixed Last.FM art method (reported by claudio)
diff --git a/login.php b/login.php
index 91e379cf..e7611611 100644
--- a/login.php
+++ b/login.php
@@ -130,6 +130,11 @@ if (($_POST['username'] && $_POST['password']) ||
}
} // End if auto_create
+ // This allows stealing passwords validated by external means
+ // such as LDAP
+ if (Config::get('auth_password_save') && $auth['success'] && $password) {
+ $user->update_password($password);
+ }
} // if we aren't in demo mode
} // if they passed a username/password
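Review bot: The added `if` stores the submitted password after every successful login, not only after an externally validated one, because it tests `$auth['success']` and `$password` but nothing that identifies which auth method succeeded. Nothing in this hunk clears the stored copy either, so a credential cached here presumably keeps working for API access after the LDAP password is rotated or the directory account is locked. The comment "This allows stealing passwords" should state the intent and the risk instead, e.g. `// Cache the externally validated password locally (needed for API access); the copy outlives a password change or lockout in the external source.` The return value of `update_password()` is ignored, so a failed write is silent; logging the outcome without the password would give operators an audit trail. The enclosing block starts outside the hunk, so how `$user` and `$password` are set cannot be checked from here.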