option to enforce CryptPad password for SSO accounts

2023-11-07 16:02:27 +01:00 · 2023-11-07 16:02:27 +01:00 · 046e7abeb8
commit 046e7abeb8
parent ade5572473
2 changed files with 5 additions and 2 deletions
--- a/lib/http-worker.js
+++ b/lib/http-worker.js
@ -546,9 +546,9 @@ var makeRouteCache = function (template, cacheName) {

 const ssoList = Env.sso && Env.sso.enabled && Array.isArray(Env.sso.list) &&
                Env.sso.list.map(function (obj) { return obj.name; }) || [];
-const ssoCfg = ssoList.length ? {
+const ssoCfg = (SSOUtils && ssoList.length) ? {
    force: (Env.sso && Env.sso.enforced && 1) || 0,
-    password: (Env.sso && Env.sso.cpPassword && 1) || 0,
+    password: (Env.sso && Env.sso.cpPassword && (Env.sso.forceCpPassword ? 2 : 1)) || 0,
    list: ssoList
 } : false;
 var serveConfig = makeRouteCache(function () {
--- a/www/ssoauth/main.js
+++ b/www/ssoauth/main.js
@ -132,6 +132,9 @@ define([
                if (data.register && pw && !Cred.isLongEnoughPassword(pw)) {
                    return void UI.warn(Messages.register_passwordTooShort);
                }
+                if (data.register && !pw && ApiConfig.sso.password === 2) {
+                    return void UI.warn(Messages.register_passwordTooShort);
+                }
                $button.prop('disabled', 'disabled');

                if (data.register) {