Make LDAP be able to skip local 2FA (#16954)

This PR extends #16594 to allow LDAP to be able to be set to skip local 2FA too. The technique used here would be extensible to PAM and SMTP sources. Signed-off-by: Andrew Thornton <art27@cantab.net>
2025-07-03 09:07:19 +00:00 · 2021-09-17 12:43:47 +01:00
parent f96d0d3d5b
commit 27b351aba5
16 changed files with 84 additions and 19 deletions
--- a/services/auth/source/ldap/source_authenticate.go
+++ b/services/auth/source/ldap/source_authenticate.go
@ -97,3 +97,8 @@ func (source *Source) Authenticate(user *models.User, login, password string) (*

 	return user, err
 }
+
+// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
+func (source *Source) IsSkipLocalTwoFA() bool {
+	return source.SkipLocalTwoFA
+}