authentication_policy: check isPasswordValid on the login corresponding to that username

Useful in the context of password reset

authentication_policy: check isPasswordValid on the login corresponding to that username
Useful in the context of password reset
837a3165 · Jérome Perrin · a868860f · 837a3165
Commit 837a3165 authored Jan 12, 2017 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 0 deletions

bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Login_isPasswordValid.py ...skins/erp5_authentication_policy/Login_isPasswordValid.py +7 -0

No files found.
--- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Login_isPasswordValid.py
+++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Login_isPasswordValid.py
@@ -14,4 +14,11 @@ def doValidation(login, password):
    raise ValidationError('external_validator_failed', context, error_text=message)
  return 1

+user_login = request.get('field_user_login', None)
+# find login account provider and validate it on it (password recovered for an existing account)
+if user_login:
+  login = context.Base_getLoginValueByUserName(user_name)
+  if user is not None:
+    return doValidation(login, password)
+
 return doValidation(context, password)