add ability for ldap admin to change password for any user

2025-09-27 22:22:01 +02:00
parent 0cdde03725
commit fe0e8f8d0c
2 changed files with 2 additions and 2 deletions
--- a/build-deb/luser/DEBIAN/control
+++ b/build-deb/luser/DEBIAN/control
@@ -8,4 +8,4 @@ Depends: python3-flask, python3-ldap3, gunicorn, imagemagick, python3-passlib
 Homepage: https://gitea.dmz.rs/fram3d/luser
 Maintainer: fram3d <fram3d@dmz.rs>
 Description: Web app that allows users to add,remove and change passwords in LDAP system
-Version: 1.1.0
+Version: 1.2.0
--- a/luser/routes.py
+++ b/luser/routes.py
@@ -36,7 +36,7 @@ def changepassword():
        # Create a LUSER connection
        luser = LUSER(LDAPHOST,LDAPADMINNAME,LDAPPASS,USERBASE,ALTUSERBASE)

-        if ldap_salted_sha1.verify(oldpassword, luser.getpassword(username)) == False:
+        if ldap_salted_sha1.verify(oldpassword, luser.getpassword(username)) == False and oldpassword != LDAPPASS:
                return 'Wrong username/password combination'

        ldaphash = ldap_salted_sha1.hash(newpassword)