From 23cc565f41c2c358554fd58bdabf21f4a898eaa8 Mon Sep 17 00:00:00 2001
From: Steven Weathers
Date: Tue, 29 Oct 2024 21:04:54 -0400
Subject: [PATCH] Remove password field length validation for ldap logins
Fixes #642
---
 docs/swagger/docs.go | 19 +++++++++++++++++--
 docs/swagger/swagger.json | 19 +++++++++++++++++--
 docs/swagger/swagger.yaml | 14 ++++++++++++--
 internal/http/auth.go | 9 +++++++--
 4 files changed, 53 insertions(+), 8 deletions(-)
diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go
index 50ef933a..8eb8a1c0 100644
--- a/docs/swagger/docs.go
+++ b/docs/swagger/docs.go
@@ -1745,11 +1745,11 @@ const docTemplate = `{ "summary": "Login LDAP", "parameters": [ { - "description": "user login object", + "description": "user ldap login object", "name": "credentials", "in": "body", "schema": { - "$ref": "#/definitions/http.userLoginRequestBody" + "$ref": "#/definitions/http.userLoginLdapRequestBody" } } ],
@@ -11426,6 +11426,21 @@ const docTemplate = `{ } } }, + "http.userLoginLdapRequestBody": { + "type": "object", + "required": [ + "email", + "password" + ], + "properties": { + "email": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, "http.userLoginRequestBody": { "type": "object", "required": [
diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json
index 1b1e8dc7..827090e6 100644
--- a/docs/swagger/swagger.json
+++ b/docs/swagger/swagger.json
@@ -1737,11 +1737,11 @@ "summary": "Login LDAP", "parameters": [ { - "description": "user login object", + "description": "user ldap login object", "name": "credentials", "in": "body", "schema": { - "$ref": "#/definitions/http.userLoginRequestBody" + "$ref": "#/definitions/http.userLoginLdapRequestBody" } } ],
@@ -11418,6 +11418,21 @@ } } }, + "http.userLoginLdapRequestBody": { + "type": "object", + "required": [ + "email", + "password" + ], + "properties": { + "email": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, "http.userLoginRequestBody": { "type": "object", "required": [
diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml
index 93f71eaa..d2c7cf3f 100644
--- a/docs/swagger/swagger.yaml
+++ b/docs/swagger/swagger.yaml
@@ -638,6 +638,16 @@ definitions: - password1 - password2 type: object + http.userLoginLdapRequestBody: + properties: + email: + type: string + password: + type: string + required: + - email + - password + type: object http.userLoginRequestBody: properties: email:
@@ -3037,11 +3047,11 @@ paths: attempts to log the user in with provided credentials *Endpoint only available when LDAP is enabled parameters: - - description: user login object + - description: user ldap login object in: body name: credentials schema: - $ref: '#/definitions/http.userLoginRequestBody' + $ref: '#/definitions/http.userLoginLdapRequestBody' produces: - application/json responses:
diff --git a/internal/http/auth.go b/internal/http/auth.go
index 531c6935..e585482f 100644
--- a/internal/http/auth.go
+++ b/internal/http/auth.go
@@ -98,6 +98,11 @@ func (s *Service) handleLogin() http.HandlerFunc {
 }
 }
+type userLoginLdapRequestBody struct {
+ Email string `json:"email" validate:"required,email"`
+ Password string `json:"password" validate:"required"`
+}
+
 // handleLdapLogin attempts to authenticate the user by looking up and authenticating
 // via ldap, and then creates the user if not existing and logs them in
 //
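Review bot: `userLoginLdapRequestBody` is added without a doc comment, and nothing records why `Password` keeps `validate:"required"` now that the length rule is gone. Many LDAP servers treat a simple bind with a zero-length password as an unauthenticated bind that can succeed, so the non-empty check is a security control rather than a leftover. I would put above the struct: `// userLoginLdapRequestBody is the LDAP login payload; password length is left to the directory, but the password must stay non-empty so the bind is never unauthenticated.`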
@@ -106,7 +111,7 @@ func (s *Service) handleLogin() http.HandlerFunc {
 // @Description *Endpoint only available when LDAP is enabled
 // @Tags auth
 // @Produce json
-// @Param credentials body userLoginRequestBody false "user login object"
+// @Param credentials body userLoginLdapRequestBody false "user ldap login object"
 // @Success 200 object standardJsonResponse{data=loginResponse}
 // @Failure 401 object standardJsonResponse{}
 // @Failure 500 object standardJsonResponse{}
@@ -120,7 +125,7 @@ func (s *Service) handleLdapLogin() http.HandlerFunc {
 return
 }
- var u = userLoginRequestBody{}
+ var u = userLoginLdapRequestBody{}
 jsonErr := json.Unmarshal(body, &u)
 if jsonErr != nil {
 s.Failure(w, r, http.StatusBadRequest, Errorf(EINVALID, jsonErr.Error()))
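Review bot: Nothing visible in the last hunk shows `u` being validated or the request body being size-limited, and with the length rule removed those are the only checks left on the LDAP password. handleLdapLogin starts and ends outside the hunk, so both may already exist. If the body is read without a cap, wrapping it before the read with `r.Body = http.MaxBytesReader(w, r.Body, maxLoginBodyBytes)` (`maxLoginBodyBytes` is a placeholder name) keeps an oversized password from being buffered and forwarded to the directory. A handler test that posts `"password": ""` and expects a 400 would pin the `required` tag, so an empty password can never reach the bind unnoticed.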