From 13b76926ca823719c9d52651a72b8f22067db97c Mon Sep 17 00:00:00 2001
From: "Simon M. Haller-Seeber" <simon.haller-seeber@uibk.ac.at>
Date: Thu, 14 May 2020 19:51:48 +0200
Subject: [PATCH] Some minor update

---
 README.md                                     |  6 +++++
 docker-compose.yml                            |  3 +++
 .../sharelatex/AuthenticationManager.js       | 22 ++++++++++++-------
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index eb0d782..3b8bf39 100644
--- a/README.md
+++ b/README.md
@@ -34,6 +34,12 @@ db.users.find({email:"EMAIL"}).pretty()
 db.users.update({email : OLDEMAIL},{$set: { email : NEWEMAIL}});
 ```
 
+## Coming soon
+
+- Option that Admins can invite non LDAP User
+
+
+
 ## Configuration
 
 ### Domain Configuration
diff --git a/docker-compose.yml b/docker-compose.yml
index ae02893..b9c1bf2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -48,6 +48,9 @@ services:
             LDAP_BINDDN: ou=someunit,ou=people,dc=DOMAIN,dc=TLS
             # By default tries to bind directly with the ldap user - this user has to be in the LDAP GROUP
             LDAP_GROUP_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
+            #LDAP_GROUP_FILTER: '(memberof=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
+            # if user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true.
+            #LDAP_ADMIN_GROUP_FILTER: '(memberof=cn=ADMINGROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
             LDAP_CONTACTS: 'false'
 
             # Same property, unfortunately with different names in
diff --git a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
index f4d6de9..db9025b 100644
--- a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
+++ b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
@@ -59,7 +59,6 @@ const AuthenticationManager = {
       let pass = require("crypto").randomBytes(32).toString("hex")
       const userRegHand = require('../User/UserRegistrationHandler.js')
       userRegHand.registerNewUser({
-        //_id: uid,
         email: mail,
         first_name: firstname,
         last_name: lastname,
@@ -70,11 +69,7 @@ const AuthenticationManager = {
           console.log(error)
         }
         user.email = mail
-        if (isAdmin) {
-          user.admin = true
-        } else {
-          user.admin = false
-        }
+        user.isAdmin = isAdmin
         user.emails[0].confirmedAt = Date.now()
         user.save()
         //console.log("user %s added to local library: ", mail)
@@ -93,8 +88,19 @@ const AuthenticationManager = {
   },
 
   authUserObj(error, user, query, password, callback) {
-    // check if user is in ldap and logon if the ldapuser exists.
-    AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user)
+    // check if user is in ldap and logon if the ldapuser exists
+    // external email login
+    if (user && user.hashedPassword) {
+      console.log("email login for existing user")
+      bcrypt.compare(password, user.hashedPassword, function (error, match) {
+        if (match) {
+          console.log("Fine")
+          AuthenticationManager.login(user, password, callback)
+        }
+      })
+    } else {
+      AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user)
+    }
     return null
   },