Auto-create users after external auth when enable-user-on-auth is on
This commit is contained in:
Simon Ser
parent
c79fc0c19e
commit
ca2d666056
|
|
@ -185,6 +185,9 @@ The following directives are supported:
|
|||
This can be used together with _disable-inactive-user_ to seamlessly
|
||||
disable and re-enable users during lengthy inactivity.
|
||||
|
||||
When external authentication is used (e.g. _auth oauth2_), bouncer users
|
||||
are automatically created after successfull authentication.
|
||||
|
||||
*auth* <driver> ...
|
||||
Set the authentication method. By default, internal authentication is used.
|
||||
|
||||
|
|
|
|||
|
|
@ -1260,6 +1260,20 @@ func unmarshalUsername(rawUsername string) (username, client, network string) {
|
|||
|
||||
func (dc *downstreamConn) setUser(username, clientName, networkName string) error {
|
||||
dc.user = dc.srv.getUser(username)
|
||||
if dc.user == nil && dc.user.srv.Config().EnableUsersOnAuth {
|
||||
ctx := context.TODO()
|
||||
if _, err := dc.user.srv.db.GetUser(ctx, username); err != nil {
|
||||
// Can't find the user in the DB -- try to create it
|
||||
record := database.User{
|
||||
Username: username,
|
||||
Enabled: true,
|
||||
}
|
||||
dc.user, err = dc.user.srv.createUser(ctx, &record)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to automatically create user %q after successful authentication: %v", username, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
if dc.user == nil {
|
||||
return fmt.Errorf("user exists in the DB but hasn't been loaded by the bouncer -- a restart may help")
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue