Feature: Add "Authentication Method" to allow existing users to sign in with LDAP (#2143)

* adds authentication method for users * fix db migration with postgres * tests for auth method * update migration ids * hide auth method on user creation form * (docs): Added documentation for the new authentication method * update migration * add to auto-form instead of having hidden fields
2025-07-25 08:09:41 +02:00 · 2023-02-26 13:12:16 -06:00 · 2023-02-26 13:12:16 -06:00 · 2e6ad5da8e
commit 2e6ad5da8e
parent 39012adcc1
24 changed files with 213 additions and 24 deletions
--- a/tests/integration_tests/admin_tests/test_admin_user_actions.py
+++ b/tests/integration_tests/admin_tests/test_admin_user_actions.py
@ -1,6 +1,7 @@
 from fastapi.testclient import TestClient

 from mealie.core.config import get_app_settings
+from mealie.db.models.users.users import AuthMethod
 from tests import utils
 from tests.utils import api_routes
 from tests.utils.factories import random_email, random_string
@ -55,6 +56,7 @@ def test_create_user(api_client: TestClient, admin_token):
    assert user_data["email"] == create_data["email"]
    assert user_data["group"] == create_data["group"]
    assert user_data["admin"] == create_data["admin"]
+    assert user_data["authMethod"] == AuthMethod.MEALIE.value


 def test_create_user_as_non_admin(api_client: TestClient, user_token):
@ -73,6 +75,7 @@ def test_update_user(api_client: TestClient, admin_user: TestUser):
    # Change data
    update_data["fullName"] = random_string()
    update_data["email"] = random_email()
+    update_data["authMethod"] = AuthMethod.LDAP.value

    response = api_client.put(
        api_routes.admin_users_item_id(update_data["id"]), headers=admin_user.token, json=update_data
@ -80,6 +83,11 @@ def test_update_user(api_client: TestClient, admin_user: TestUser):

    assert response.status_code == 200

+    user_data = response.json()
+    assert user_data["fullName"] == update_data["fullName"]
+    assert user_data["email"] == update_data["email"]
+    assert user_data["authMethod"] == update_data["authMethod"]
+

 def test_update_other_user_as_not_admin(api_client: TestClient, unique_user: TestUser, g2_user: TestUser):
    settings = get_app_settings()
--- a/tests/integration_tests/user_tests/test_user_password_reset_service.py
+++ b/tests/integration_tests/user_tests/test_user_password_reset_service.py
@ -4,6 +4,7 @@ import pytest
 from fastapi.testclient import TestClient

 from mealie.db.db_setup import session_context
+from mealie.schema.user.user import PrivateUser
 from mealie.services.user_services.password_reset_service import PasswordResetService
 from tests.utils import api_routes
 from tests.utils.factories import random_string
@ -56,3 +57,24 @@ def test_password_reset(api_client: TestClient, unique_user: TestUser, casing: s
    # Test successful password reset
    response = api_client.post(api_routes.users_reset_password, json=payload)
    assert response.status_code == 400
+
+
+@pytest.mark.parametrize("casing", ["lower", "upper", "mixed"])
+def test_password_reset_ldap(ldap_user: PrivateUser, casing: str):
+    cased_email = ""
+    if casing == "lower":
+        cased_email = ldap_user.email.lower()
+    elif casing == "upper":
+        cased_email = ldap_user.email.upper()
+    else:
+        for i, letter in enumerate(ldap_user.email):
+            if i % 2 == 0:
+                cased_email += letter.upper()
+            else:
+                cased_email += letter.lower()
+        cased_email
+
+    with session_context() as session:
+        service = PasswordResetService(session)
+        token = service.generate_reset_token(cased_email)
+        assert token is None