Yuki Takei 6 лет назад
Родитель
Сommit
9f6d004073

+ 3 - 1
resource/locales/en-US/translation.json

@@ -528,7 +528,9 @@
       "note for the only env option": "The setting item that enables or disables the SAML authentication and the highlighted setting items use only the value of environment variables.<br>To change this setting, please change to false or delete the value of the environment variable <code>%s</code> ."
     },
     "Basic": {
-      "name": "Basic Authentication"
+      "name": "Basic Authentication",
+      "desc_1": "Login with <code>username</code> in Authorization header.",
+      "desc_2": "User will be automatically generated if not exist."
     },
     "OAuth": {
       "register": "Register for %s",

+ 3 - 1
resource/locales/ja/translation.json

@@ -522,7 +522,9 @@
       "note for the only env option": "現在SAML認証のON/OFFの設定値及びハイライトされている設定値は環境変数の値のみを使用するようになっています<br>この設定を変更する場合は環境変数 <code>%s</code> の値をfalseに変更もしくは削除してください"
     },
     "Basic": {
-      "name": "Basic 認証"
+      "name": "Basic 認証",
+      "desc_1": "Authorization ヘッダに格納されている <code>username</code> でログインします。",
+      "desc_2": "ユーザーが存在しなかった場合は自動生成します。"
     },
     "OAuth": {
       "register": "%sに登録",

+ 1 - 2
src/server/form/admin/securityPassportBasic.js

@@ -4,6 +4,5 @@ const field = form.field;
 
 module.exports = form(
   field('settingForm[security:passport-basic:isEnabled]').trim().toBooleanStrict().required(),
-  field('settingForm[security:passport-basic:id]').trim(),
-  field('settingForm[security:passport-basic:password]').trim(),
+  field('settingForm[security:passport-basic:isSameUsernameTreatedAsIdenticalUser]').trim().toBooleanStrict(),
 );

+ 1 - 4
src/server/routes/login-passport.js

@@ -476,10 +476,7 @@ module.exports = function(crowi, app) {
       userId = await promisifiedPassportAuthentication(strategyName, req, res);
     }
     catch (err) {
-      // display prompt in browser
-      res.setHeader('WWW-Authenticate', 'Basic realm="Users"');
-      res.sendStatus(401).end();
-      return;
+      return loginFailure(req, res);
     }
 
     const userInfo = {
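Review bot: The new `catch (err)` branch discards `err` without recording it, so failed Basic logins leave no trace for monitoring or incident review. Logging the strategy name and the error before calling `loginFailure` would keep that signal, e.g. `logger.warn('Basic authentication failed', err);` using whatever logger this file already has (not visible in the hunk). Dropping the `WWW-Authenticate` challenge also means a browser is no longer prompted for credentials, which looks intended if the header is expected to come from a fronting proxy; a one-line comment saying so would help the next reader. The handler starts and ends outside the hunk.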

+ 3 - 6
src/server/service/passport.js

@@ -621,15 +621,12 @@ class PassportService {
 
     debug('BasicStrategy: setting up..');
 
-    const configId = configManager.getConfig('crowi', 'security:passport-basic:id');
-    const configPassword = configManager.getConfig('crowi', 'security:passport-basic:password');
-
     passport.use(new BasicStrategy(
       (userId, password, done) => {
-        if (userId !== configId || password !== configPassword) {
-          return done(null, false, { message: 'Incorrect credentials.' });
+        if (userId != null) {
+          return done(null, userId);
         }
-        return done(null, userId);
+        return done(null, false, { message: 'Incorrect credentials.' });
       },
     ));
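Review bot: The verify callback now accepts any non-null `userId` and never looks at `password`, so the application itself no longer authenticates Basic logins: the session is opened under whatever username the `Authorization` header carries, and per the new `desc_2` string an account is created if none exists. That is only safe when a trusted reverse proxy authenticates the user and overwrites any client-supplied `Authorization` header, and nothing in this commit states or enforces that. At minimum document the assumption at the callback, e.g. `// password is intentionally not verified: deploy only behind a proxy that authenticates the user and sets the Authorization header`, and repeat the warning in the admin description text. As far as I know passport-http rejects missing credentials before calling verify, so `userId != null` is probably always true and the 'Incorrect credentials.' branch unreachable; a check for a non-empty, well-formed username would be a more meaningful guard. The enclosing method starts and ends outside the hunk.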
 

+ 20 - 9
src/server/views/admin/widget/passport/basic.html

@@ -18,21 +18,32 @@
               {% if !isbasicEnabled %}checked{% endif %}> OFF
         </label>
       </div>
+      <p class="help-block">
+        <small>
+          {{ t("security_setting.Basic.desc_1") }}<br>
+          {{ t("security_setting.Basic.desc_2") }}
+        </small>
+      </p>
     </div>
   </div>
+
+
   <fieldset id="passport-basic-hide-when-disabled" {%if !isbasicEnabled %}style="display: none;"{% endif %}>
 
     <div class="form-group">
-      <label for="settingForm[security:passport-basic:id]" class="col-xs-3 control-label">ID</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-basic:id]" value="{{ settingForm['security:passport-basic:id'] || '' }}">
-      </div>
+    <div class="col-xs-6 col-xs-offset-3">
+      <div class="checkbox checkbox-info">
+        <input type="checkbox" id="bindByUserName-basic" name="settingForm[security:passport-basic:isSameUsernameTreatedAsIdenticalUser]" value="1"
+            {% if getConfig('crowi', 'security:passport-basic:isSameUsernameTreatedAsIdenticalUser') %}checked{% endif %} />
+        <label for="bindByUserName-basic">
+          {{ t("security_setting.Treat username matching as identical", "username") }}
+        </label>
+        <p class="help-block">
+          <small>
+            {{ t("security_setting.Treat username matching as identical_warn", "username") }}
+          </small>
+        </p>
     </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-basic:password]" class="col-xs-3 control-label">{{ t("Password") }}</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-basic:password]" value="{{ settingForm['security:passport-basic:password'] || '' }}">
       </div>
     </div>