Compare commits
2 Commits
b4707d53dd
...
97a822ae15
| Author | SHA1 | Date | |
|---|---|---|---|
|
97a822ae15 | ||
|
|
fa22e04e65 |
81
plugin.rb
81
plugin.rb
@ -4,54 +4,57 @@
|
||||
|
||||
# name: discourse-md5_authentication
|
||||
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
||||
# version: 0.3
|
||||
# version: 0.5
|
||||
# authors: saint
|
||||
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
||||
|
||||
# This block will run after Discourse has initialized
|
||||
after_initialize do
|
||||
Rails.logger.error("MD5 Authentication Plugin: Initialized")
|
||||
class ::User
|
||||
module LegacyMd5Authentication
|
||||
def self.included(base)
|
||||
base.singleton_class.prepend(ClassMethods)
|
||||
end
|
||||
# Define a module to contain the MD5 authentication logic
|
||||
module LegacyMd5Authentication
|
||||
# Override the current_user method to include MD5 authentication
|
||||
def current_user
|
||||
# Attempt to find the current user using the standard Discourse method
|
||||
user = super
|
||||
return user if user
|
||||
|
||||
module ClassMethods
|
||||
def authenticate(login, password)
|
||||
Rails.logger.error("LegacyMd5Authentication: Trying to authenticate user with login #{login}")
|
||||
# Check for MD5 authentication if no user is found by the standard method
|
||||
email_or_username = @request.params[:login]
|
||||
password = @request.params[:password]
|
||||
|
||||
user = nil
|
||||
|
||||
if login.include?('@')
|
||||
# Assume it's an email address
|
||||
user_email = UserEmail.find_by(email: login.downcase.strip)
|
||||
user = user_email ? User.find(user_email.user_id) : nil
|
||||
else
|
||||
# Assume it's a username
|
||||
user = User.find_by(username: login.downcase.strip)
|
||||
if email_or_username && password
|
||||
# Log the start of the MD5 authentication attempt
|
||||
Rails.logger.info("MD5 Auth: Attempting to authenticate #{email_or_username}")
|
||||
|
||||
# Find the user by username or email, ignoring case
|
||||
user = User.find_by_username_or_email(email_or_username.downcase.strip)
|
||||
|
||||
# Log if a user with an MD5 password is found
|
||||
if user && user.custom_fields['md5_password']
|
||||
Rails.logger.info("MD5 Auth: User found with MD5 password - #{user.username}")
|
||||
|
||||
# Check if the provided password matches the stored MD5 password
|
||||
if user.custom_fields['md5_password'] == Digest::MD5.hexdigest(password)
|
||||
# Log the successful MD5 password match
|
||||
Rails.logger.info("MD5 Auth: MD5 password match for user #{user.username}")
|
||||
|
||||
# Update the user to use the new password and clear the MD5 password
|
||||
user.update!(password: password)
|
||||
user.custom_fields['md5_password'] = nil
|
||||
user.save_custom_fields
|
||||
|
||||
# Set the current user in the environment
|
||||
@env[CURRENT_USER_KEY] = user
|
||||
return user
|
||||
end
|
||||
|
||||
if user
|
||||
Rails.logger.error("LegacyMd5Authentication: User found: #{user.username}")
|
||||
if user.custom_fields['md5_password'] && user.custom_fields['md5_password'] == Digest::MD5.hexdigest(password)
|
||||
Rails.logger.error("LegacyMd5Authentication: MD5 password match for user: #{user.username}")
|
||||
user.update!(password: password)
|
||||
user.custom_fields['md5_password'] = nil
|
||||
user.save_custom_fields
|
||||
return user
|
||||
else
|
||||
Rails.logger.error("LegacyMd5Authentication: MD5 password did not match for user: #{user.username}")
|
||||
end
|
||||
else
|
||||
Rails.logger.error("LegacyMd5Authentication: No user found with login #{login}")
|
||||
end
|
||||
|
||||
super(login, password)
|
||||
end
|
||||
end
|
||||
|
||||
# Fallback to the original current_user method
|
||||
nil
|
||||
end
|
||||
|
||||
include LegacyMd5Authentication
|
||||
end
|
||||
end
|
||||
|
||||
# Prepend our module to the DefaultCurrentUserProvider class
|
||||
Auth::DefaultCurrentUserProvider.prepend LegacyMd5Authentication
|
||||
end
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user