MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-12-26 07:05:52 -05:00
Code Issues Packages Projects Releases Wiki Activity

allow password resets when using allowaccountreset and reset together #6261

Browse Source 
Signed-off-by: si458 <simonsmith5521@gmail.com>
This commit is contained in:
si458 2024-09-30 12:20:01 +01:00
parent 1139a37338
commit 8e5aa35bf3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webserver.js
View File

@ -1635,7 +1635,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
const sec = parent.decryptSessionData(req.session.e); const sec = parent.decryptSessionData(req.session.e);
// Check everything is ok // Check everything is ok
const allowAccountReset = ((typeof domain.passwordrequirements != 'object') || (domain.passwordrequirements.allowaccountreset !== false)); const allowAccountReset = ((typeof domain.passwordrequirements != 'object') || (typeof domain.passwordrequirements.reset === 'number' && domain.passwordrequirements.allowaccountreset !== false));
if ((allowAccountReset === false) || (domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap') || (typeof req.body.rpassword1 != 'string') || (typeof req.body.rpassword2 != 'string') || (req.body.rpassword1 != req.body.rpassword2) || (typeof req.body.rpasswordhint != 'string') || (req.session == null) || (typeof sec.rtuser != 'string') || (typeof sec.rtpass != 'string')) { if ((allowAccountReset === false) || (domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap') || (typeof req.body.rpassword1 != 'string') || (typeof req.body.rpassword2 != 'string') || (req.body.rpassword1 != req.body.rpassword2) || (typeof req.body.rpasswordhint != 'string') || (req.session == null) || (typeof sec.rtuser != 'string') || (typeof sec.rtpass != 'string')) {
parent.debug('web', 'handleResetPasswordRequest: checks failed'); parent.debug('web', 'handleResetPasswordRequest: checks failed');
delete req.session.e; delete req.session.e;