fix: adjust the password check logic for ldap user (#597)

* fix: the password check logic for ldap user. LDAP user should only use the ldap connection to check the password. * fix: code format
2025-07-01 01:50:20 +08:00 · 2022-03-28 17:19:58 +08:00
parent 879ca6a488
commit e3f5bf93b2
1 changed files with 7 additions and 8 deletions
--- a/object/check.go
+++ b/object/check.go
@ -180,16 +180,15 @@ func CheckUserPassword(organization string, username string, password string) (*
 		return nil, "the user is forbidden to sign in, please contact the administrator"
 	}

-	msg := CheckPassword(user, password)
-	if msg != "" {
-		//for ldap users
-		if user.Ldap != "" {
-			return checkLdapUserPassword(user, password)
+	if user.Ldap != "" {
+		//ONLY for ldap users
+		return checkLdapUserPassword(user, password)
+	} else {
+		msg := CheckPassword(user, password)
+		if msg != "" {
+			return nil, msg
 		}
-
-		return nil, msg
 	}
-
 	return user, ""
 }