This release fixes the following bugs:

- Partially #2045 revert [Improve authentication](https://github.com/wekan/wekan/issues/2016),
  adding back password/LDAP dropdown, because login did now work.
  NOTE: This was added in v1.71, reverted at v1.73 because login did not work, added back at v1.79,
  and then reverted partially at v1.82 because login did not work.
  Related LDAP logout timer does not work yet.

Thanks to xet7 !

CHANGELOG.md

@@ -1,3 +1,15 @@
+# Upcoming Wekan release
+
+This release fixes the following bugs:
+
+- Partially #2045 revert [Improve authentication](https://github.com/wekan/wekan/issues/2016),
+  adding back password/LDAP dropdown, because login did now work.
+  NOTE: This was added in v1.71, reverted at v1.73 because login did not work, added back at v1.79,
+  and then reverted partially at v1.82 because login did not work.
+  Related LDAP logout timer does not work yet.
+
+Thanks to GitHub user xet7 for contributions.
+
 # v1.81 2018-12-04 Wekan release
 
 This release fixes the following bugs:

client/components/main/layouts.jade

@@ -23,6 +23,7 @@ template(name="userFormsLayout")
         br
     section.auth-dialog
       +Template.dynamic(template=content)
+      +connectionMethod
       if isCas
         .at-form
           button#cas(class='at-btn submit' type='submit') {{casSignInLabel}}

client/components/main/layouts.js

@@ -6,14 +6,29 @@ const i18nTagToT9n = (i18nTag) => {
   return i18nTag;
 };
 
-Template.userFormsLayout.onCreated(function() {
-  Meteor.call('getDefaultAuthenticationMethod', (error, result) => {
-    this.data.defaultAuthenticationMethod = new ReactiveVar(error ? undefined : result);
-  });
+const validator = {
+  set(obj, prop, value) {
+    if (prop === 'state' && value !== 'signIn') {
+      $('.at-form-authentication').hide();
+    } else if (prop === 'state' && value === 'signIn') {
+      $('.at-form-authentication').show();
+    }
+    // The default behavior to store the value
+    obj[prop] = value;
+    // Indicate success
+    return true;
+  },
+};
+
+Template.userFormsLayout.onCreated(() => {
   Meteor.subscribe('setting');
+
 });
 
 Template.userFormsLayout.onRendered(() => {
+
+  AccountsTemplates.state.form.keys = new Proxy(AccountsTemplates.state.form.keys, validator);
+
   const i18nTag = navigator.language;
   if (i18nTag) {
     T9n.setLanguage(i18nTagToT9n(i18nTag));
@@ -22,6 +37,7 @@ Template.userFormsLayout.onRendered(() => {
 });
 
 Template.userFormsLayout.helpers({
+
   currentSetting() {
     return Settings.findOne();
   },
@@ -76,14 +92,13 @@ Template.userFormsLayout.events({
       }
     });
   },
-  'click #at-btn'(event, instance) {
+  'click #at-btn'(event) {
     /* All authentication method can be managed/called here.
        !! DON'T FORGET to correctly fill the fields of the user during its creation if necessary authenticationMethod : String !!
     */
-    const email = $('#at-field-username_and_email').val();
-    const password = $('#at-field-password').val();
-
-    if (FlowRouter.getRouteName() !== 'atSignIn' || password === '' || email === '') {
+    const authenticationMethodSelected = $('.select-authentication').val();
+    // Local account
+    if (authenticationMethodSelected === 'password') {
       return;
     }
 
@@ -91,11 +106,29 @@ Template.userFormsLayout.events({
     event.preventDefault();
     event.stopImmediatePropagation();
 
-    Meteor.subscribe('user-authenticationMethod', email, {
-      onReady() {
-        return authentication.call(this, instance, email, password);
-      },
-    });
+    const email = $('#at-field-username_and_email').val();
+    const password = $('#at-field-password').val();
+
+    // Ldap account
+    if (authenticationMethodSelected === 'ldap') {
+      // Check if the user can use the ldap connection
+      Meteor.subscribe('user-authenticationMethod', email, {
+        onReady() {
+          const user = Users.findOne();
+          if (user === undefined || user.authenticationMethod === 'ldap') {
+            // Use the ldap connection package
+            Meteor.loginWithLDAP(email, password, function(error) {
+              if (!error) {
+                // Connection
+                return FlowRouter.go('/');
+              }
+              return error;
+            });
+          }
+          return this.stop();
+        },
+      });
+    }
   },
 });
 
@@ -104,38 +137,3 @@ Template.defaultLayout.events({
     Modal.close();
   },
 });
-
-function authentication(instance, email, password) {
-  let user = Users.findOne();
-  // Authentication with password
-  if (user && user.authenticationMethod === 'password') {
-    $('#at-pwd-form').submit();
-    // Meteor.call('logoutWithTimer', user._id, () => {});
-    return this.stop();
-  }
-
-  // If user doesn't exist, uses the default authentication method if it defined
-  if (user === undefined) {
-    user = {
-      'authenticationMethod': instance.data.defaultAuthenticationMethod.get(),
-    };
-  }
-
-  // Authentication with LDAP
-  if (user.authenticationMethod === 'ldap') {
-    // Use the ldap connection package
-    Meteor.loginWithLDAP(email, password, function(error) {
-      if (!error) {
-        // Meteor.call('logoutWithTimer', Users.findOne()._id, () => {});
-        return FlowRouter.go('/');
-      }
-      return error;
-    });
-  }
-
-  /* else {
-    process.env.DEFAULT_AUTHENTICATION_METHOD is not defined
-  } */
-
-  return this.stop();
-}

models/settings.js

@@ -239,35 +239,5 @@ if (Meteor.isServer) {
         cas: isCasEnabled(),
       };
     },
-
-    getDefaultAuthenticationMethod() {
-      return process.env.DEFAULT_AUTHENTICATION_METHOD;
-    },
-
-    // TODO: patch error : did not check all arguments during call
-    logoutWithTimer(userId) {
-      if (process.env.LOGOUT_WITH_TIMER) {
-        Jobs.run('logOut', userId, {
-          in: {
-            days: process.env.LOGOUT_IN,
-          },
-          on: {
-            hour: process.env.LOGOUT_ON_HOURS,
-            minute: process.env.LOGOUT_ON_MINUTES,
-          },
-          priority: 1,
-        });
-      }
-    },
-  });
-
-  Jobs.register({
-    logOut(userId) {
-      Meteor.users.update(
-        {_id: userId},
-        {$set: {'services.resume.loginTokens': []}}
-      );
-      this.success();
-    },
   });
 }

server/publications/pub-users.js

@@ -0,0 +1,28 @@
+Meteor.publish('user-miniprofile', function(userId) {
+  check(userId, String);
+
+  return Users.find(userId, {
+    fields: {
+      'username': 1,
+      'profile.fullname': 1,
+      'profile.avatarUrl': 1,
+    },
+  });
+});
+
+Meteor.publish('user-admin', function() {
+  return Meteor.users.find(this.userId, {
+    fields: {
+      isAdmin: 1,
+    },
+  });
+});
+
+Meteor.publish('user-authenticationMethod', function(match) {
+  check(match, String);
+  return Users.find({$or: [{_id: match}, {email: match}, {username: match}]}, {
+    fields: {
+      'authenticationMethod': 1,
+    },
+  });
+});