oidc: allow login if the password method is disabled

isLoggedInWithOIDC returns false before login so we need to add a specific check Fixes #1879 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-07 23:00:55 +03:00 · 2025-03-29 20:37:24 +01:00
parent b98bfbb0d9
commit 16f4031085
7 changed files with 18 additions and 17 deletions
--- a/internal/httpd/api_http_user.go
+++ b/internal/httpd/api_http_user.go
@@ -49,7 +49,7 @@ func getUserConnection(w http.ResponseWriter, r *http.Request) (*Connection, err
 	connID := xid.New().String()
 	protocol := getProtocolFromRequest(r)
 	connectionID := fmt.Sprintf("%v_%v", protocol, connID)
-	if err := checkHTTPClientUser(&user, r, connectionID, false); err != nil {
+	if err := checkHTTPClientUser(&user, r, connectionID, false, false); err != nil {
 		sendAPIResponse(w, r, err, http.StatusText(http.StatusForbidden), http.StatusForbidden)
 		return nil, err
 	}