From 0b801fb82766570c6f95b85830fa6541bdb56dfc Mon Sep 17 00:00:00 2001 From: Thomasr Date: Thu, 24 Apr 2025 16:13:43 -0400 Subject: [PATCH] Allow super admin to login even when email login is disabled --- .../service/AuthenticationApiServiceImpl.java | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java index 4c1dee60d..ff15c8187 100644 --- a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java +++ b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java @@ -98,10 +98,23 @@ protected Mono authenticate(String authId, @Deprecated String source, }) .flatMap(findAuthConfig -> { context.setAuthConfig(findAuthConfig.authConfig()); + // Check if email/password is superadmin before checking EMAIL provider enable if (findAuthConfig.authConfig().getSource().equals("EMAIL")) { - if(StringUtils.isBlank(context.getOrgId())) { + if (StringUtils.isBlank(context.getOrgId())) { context.setOrgId(Optional.ofNullable(findAuthConfig.organization()).map(Organization::getId).orElse(null)); } + // --- Superadmin check start --- + if (context instanceof FormAuthRequestContext formContext) { + String email = formContext.getLoginId(); + String password = formContext.getPassword(); + String superAdminEmail = commonConfig.getSuperAdmin().getUserName(); + String superAdminPassword = commonConfig.getSuperAdmin().getPassword(); + if (StringUtils.equalsIgnoreCase(email, superAdminEmail) && StringUtils.equals(password, superAdminPassword)) { + // Allow superadmin login even if EMAIL provider is disabled + return Mono.just(findAuthConfig); + } + } + // --- Superadmin check end --- if(!findAuthConfig.authConfig().getEnable()) { return Mono.error(new BizException(EMAIL_PROVIDER_DISABLED, "EMAIL_PROVIDER_DISABLED")); } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy