Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow custom rocketchat username for crowd users and enable login via email/crowd_username #12979

Open
steerben opened this issue Dec 18, 2018 · 1 comment
Open

Allow custom rocketchat username for crowd users and enable login via email/crowd_username #12979

steerben opened this issue Dec 18, 2018 · 1 comment
Assignees
@pierre-lehnen-rc
Projects
1.1.0 Review
Milestone
4.1.0

Comments

@steerben
Copy link
Contributor

Description:

Currently the CROWD Plugin does working correct when allowing custom usernames (read: Allow users to change username) via their Rocketchat user settings. It is quite a common feature to use this custom name as a mention name.

Additionally the crowd plugin does not allow to login via email (even if the login UI suggests it would work), nor specifically the crowd_username (if the username has been changed), but only by the username in the current implementation.

This means that after changing username in Rocketchat, the Crowd login will stop working (since the new username is not available in Crowd). Therefore the Crowd plugin redirects to the fallback login handler, which then logins the user locally via the stored hashed password.

A crowd sync will additionally override the custom usernames to their crowd_username pendants on syncing.

Furthermore the login does not allow to use the email address - the sync on the other hand also tries to sync on email address basis. This is not a consistent behaviour.

Steps to reproduce:

  1. Enable Crowd authentication
  2. Allow users to change their username under Accounts
  3. Login via your crowd username
  4. Change your username to something else
  5. When logging in with your new rocketchat username you will be redirected to the fallback login, but not login via crowd
  6. On sync your rocketchat username will be reset again to the crowd username

Expected behavior:

  1. User can change is username in Rocketchat (if allowed in Account Settings and also in Crowd Settings)
  2. User is able to login via Rocketchat username, crowd_username and email
  3. On Crowd Sync and Login, the Rocketchat username is maintained as long as an option in the Crowd settings does allow a custom Rocketchat username.
  4. If this option is disabled, the usernames should be reset to their crowd pendants.
  5. Additional a local user (e.g. admin backup) should initially not be tried to be logged in via Crowd, but redirected to the fallback login in the first place

Actual behavior:

See steps to reproduce

Server Setup Information:

  • Version of Rocket.Chat Server: <=0.73.x

This is a code issue. Therefore it does not make sense to provide

  • Operating System:
  • Deployment Method:
  • Number of Running Instances:
  • DB Replicaset Oplog:
  • NodeJS Version:
  • MongoDB Version:

Additional context

In our specific case, the crowd_username is equal to the user's email address. This is not optimal specifically to us, but in general others may also give their users the ability to use nicknames in the chat tool, which should not be propagated to other applications connected to the crowd instance

Relevant logs:
@steerben steerben mentioned this issue Dec 18, 2018
Merged
@engelgabriel engelgabriel added this to the 0.74.0 milestone Feb 15, 2019
@steerben
Copy link
Contributor Author

Nice to see, that it progresses @engelgabriel

rodrigok pushed a commit that referenced this issue Feb 22, 2019
@steerben @rodrigok
[IMPROVE] Allow custom rocketchat username for crowd users and enable…
5f0180d 
… login via email/crowd_username (#12981)

* Fix to close issue #12979

- Enable custom rocketchat usernames for crowd users
- Enable login via rocketchat username, crowd_username and email address
- Don't authenticate local users against crowd
- Allow/Disallow resyncing/overwride of local usernames with crowd usernames in crowd options
- Consistent user sync on login and on cron sync

* Fix to close issue #12979

Integrate PR suggestions/improvements

* Change mongodb queries

* Access settings directly via imported settings object
@engelgabriel engelgabriel modified the milestones: 0.74.0, 1.1.0 Apr 6, 2019
@rodrigok rodrigok added this to Issues in 1.1.0 Review May 10, 2019
@engelgabriel engelgabriel modified the milestones: 1.1.0, 1.3.0 Jul 10, 2019
@sampaiodiego sampaiodiego modified the milestones: 1.3.0, 1.4.0 Jul 25, 2019
@rodrigok rodrigok assigned pierre-lehnen-rc and unassigned Hudell Sep 19, 2019
@engelgabriel engelgabriel modified the milestones: 2.0.0, 2.2.0 Oct 13, 2019
@engelgabriel engelgabriel modified the milestones: 2.2.0, 4.1.0 Mar 17, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pierre-lehnen-rc pierre-lehnen-rc

Labels
None yet
Projects
No open projects
1.1.0 Review
  
Issues
Milestone
4.1.0
Development

No branches or pull requests
5 participants
@engelgabriel @Hudell @steerben @sampaiodiego @pierre-lehnen-rc