Add SkipLocal2FA option to pam and smtp sources (#17078)

* Add SkipLocal2FA option to other pam and smtp sources Extend #16954 to allow setting skip local 2fa on pam and SMTP authentication sources Signed-off-by: Andrew Thornton <art27@cantab.net> * make SkipLocal2FA omitempty Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
2025-10-31 19:38:23 +00:00 · 2021-09-27 02:02:01 +01:00
parent 74542ad35b
commit 7e98cd58dd
10 changed files with 48 additions and 6 deletions
--- a/services/auth/source/ldap/source.go
+++ b/services/auth/source/ldap/source.go
@@ -53,7 +53,7 @@ type Source struct {
 	GroupFilter           string // Group Name Filter
 	GroupMemberUID        string // Group Attribute containing array of UserUID
 	UserUID               string // User Attribute listed in Group
-	SkipLocalTwoFA        bool   // Skip Local 2fa for users authenticated with this source
+	SkipLocalTwoFA        bool   `json:",omitempty"` // Skip Local 2fa for users authenticated with this source

 	// reference to the loginSource
 	loginSource *login.Source
--- a/services/auth/source/oauth2/source.go
+++ b/services/auth/source/oauth2/source.go
@@ -25,7 +25,7 @@ type Source struct {
 	OpenIDConnectAutoDiscoveryURL string
 	CustomURLMapping              *CustomURLMapping
 	IconURL                       string
-	SkipLocalTwoFA                bool
+	SkipLocalTwoFA                bool `json:",omitempty"`

 	// reference to the loginSource
 	loginSource *login.Source
--- a/services/auth/source/pam/source.go
+++ b/services/auth/source/pam/source.go
@@ -19,8 +19,9 @@ import (

 // Source holds configuration for the PAM login source.
 type Source struct {
-	ServiceName string // pam service (e.g. system-auth)
-	EmailDomain string
+	ServiceName    string // pam service (e.g. system-auth)
+	EmailDomain    string
+	SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source

 	// reference to the loginSource
 	loginSource *login.Source
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@@ -69,3 +69,8 @@ func (source *Source) Authenticate(user *models.User, userName, password string)

 	return user, nil
 }
+
+// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
+func (source *Source) IsSkipLocalTwoFA() bool {
+	return source.SkipLocalTwoFA
+}
--- a/services/auth/source/smtp/source.go
+++ b/services/auth/source/smtp/source.go
@@ -27,6 +27,7 @@ type Source struct {
 	SkipVerify     bool
 	HeloHostname   string
 	DisableHelo    bool
+	SkipLocalTwoFA bool `json:",omitempty"`

 	// reference to the loginSource
 	loginSource *login.Source
--- a/services/auth/source/smtp/source_authenticate.go
+++ b/services/auth/source/smtp/source_authenticate.go
@@ -85,3 +85,8 @@ func (source *Source) Authenticate(user *models.User, userName, password string)

 	return user, nil
 }
+
+// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
+func (source *Source) IsSkipLocalTwoFA() bool {
+	return source.SkipLocalTwoFA
+}