feat: can reset LDAP password with different password encryption methods (#3513)

2025-07-02 03:00:18 +08:00 · 2025-01-20 20:00:23 +08:00
parent 17653888a3
commit 18b49bb731
4 changed files with 71 additions and 2 deletions
--- a/object/ldap_conn.go
+++ b/object/ldap_conn.go
@ -15,6 +15,8 @@
 package object

 import (
+	"crypto/md5"
+	"encoding/base64"
 	"errors"
 	"fmt"
 	"strings"
@ -417,7 +419,22 @@ func ResetLdapPassword(user *User, newPassword string, lang string) error {
 			modifyPasswordRequest.Replace("unicodePwd", []string{pwdEncoded})
 			modifyPasswordRequest.Replace("userAccountControl", []string{"512"})
 		} else {
-			pwdEncoded = newPassword
+			switch ldapServer.PasswordType {
+			case "SSHA":
+				pwdEncoded, err = generateSSHA(newPassword)
+				break
+			case "MD5":
+				md5Byte := md5.Sum([]byte(newPassword))
+				md5Password := base64.StdEncoding.EncodeToString(md5Byte[:])
+				pwdEncoded = "{MD5}" + md5Password
+				break
+			case "Plain":
+				pwdEncoded = newPassword
+				break
+			default:
+				pwdEncoded = newPassword
+				break
+			}
 			modifyPasswordRequest.Replace("userPassword", []string{pwdEncoded})
 		}