vikunja/pkg
Quiwy 6dbc108be8
feat(auth): allow LDAP authentication with anonymous bind (#2226)
As discussed on Matrix, Vikunja currently prevents users from using LDAP
authentication if the server allows anonymous binds (common in local
environments like YunoHost). The application would previously trigger a
`log.Fatal` if `AuthLdapBindDN` or `AuthLdapBindPassword` were left
empty in the configuration.

#### **How this fixes the problem:**

* **Validation:** Removed the strict requirement for Bind credentials in
`InitializeLDAPConnection`.
* **Connection Logic:** Updated `ConnectAndBindToLDAPDirectory` to
attempt an `UnauthenticatedBind` from the `go-ldap` library when no
credentials are provided.
* **Safety:** If a Bind DN is provided, the behavior remains unchanged
(authenticated bind).

#### **Testing:**

* Tested manually on a **YunoHost** instance by replacing the binary.
* Confirmed that Vikunja now successfully starts and authenticates users
via the local LDAP (localhost) without requiring a service account.
* Added a basic unit test in `pkg/modules/auth/ldap/ldap_test.go` to
ensure the initialization logic doesn't crash with empty credentials.

*Note: This is my first contribution to a Go project (assisted by an LLM
for syntax). Feedback on code style is more than welcome!*
2026-02-17 22:24:35 +01:00
..
caldav fix(caldav): do not assume the first element is the VTODO component 2025-12-13 15:30:22 +01:00
cmd feat: add vikunja doctor command for diagnostic checks (#2165) 2026-01-27 09:12:31 +00:00
config feat: add UNSIGNED-PAYLOAD config option for S3-compatible stores (#2205) 2026-02-08 15:03:19 +00:00
cron fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
db refactor: remove environment variable requirements for go test 2026-02-17 18:01:05 +01:00
doctor feat(doctor): add user namespace detection and improved storage diagnostics (#2180) 2026-02-01 11:57:35 +01:00
events fix(events): only trigger task.updated once when marking task done 2025-11-16 11:01:15 +01:00
files feat: add UNSIGNED-PAYLOAD config option for S3-compatible stores (#2205) 2026-02-08 15:03:19 +00:00
health feat: introduce shared health check logic (#1073) 2025-07-02 21:01:41 +00:00
i18n feat: add Swedish for language selection (#2248) 2026-02-17 14:32:01 +00:00
initialize feat: add S3 file storage support (#1688) 2025-11-06 08:37:04 +01:00
log fix(log): write each log category to its own file (#2206) 2026-02-08 15:22:58 +00:00
mail fix(mail): disable queue when mailer disabled (#2069) 2026-01-08 15:51:31 +01:00
metrics fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
migration feat: add option to send Basic Auth header with webhook requests (#2137) 2026-01-30 15:07:31 +01:00
models refactor: remove environment variable requirements for go test 2026-02-17 18:01:05 +01:00
modules feat(auth): allow LDAP authentication with anonymous bind (#2226) 2026-02-17 22:24:35 +01:00
notifications refactor: remove environment variable requirements for go test 2026-02-17 18:01:05 +01:00
plugins fix(deps): update module github.com/labstack/echo/v4 to v5 (#2131) 2026-01-24 20:38:32 +01:00
red fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
routes fix(routes): restore SPA routing after Echo v5 upgrade 2026-01-25 11:07:48 +01:00
swagger [skip ci] Updated swagger docs 2026-01-30 14:14:52 +00:00
user fix(auth): remove unnecessary fields from JWT token payloads 2026-02-08 21:30:07 +01:00
utils feat(doctor): add user namespace detection and improved storage diagnostics (#2180) 2026-02-01 11:57:35 +01:00
version fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
web fix(deps): update module github.com/labstack/echo/v4 to v5 (#2131) 2026-01-24 20:38:32 +01:00
webtests refactor: use Go idioms for running tests 2026-02-17 18:01:05 +01:00