Create ldap user only after successful login attempt.

Signed-off-by: Jason Volk <jason@zemos.net>
2025-05-13 22:07:18 +00:00
parent f2a45d4408
commit f9b7c1e0b9
1 changed files with 7 additions and 6 deletions
--- a/src/api/client/session.rs
+++ b/src/api/client/session.rs
@@ -110,6 +110,12 @@ async fn ldap_login(
 		},
 	};

+	let user_id = services
+		.users
+		.auth_ldap(&user_dn, password)
+		.await
+		.map(|()| lowercased_user_id.to_owned())?;
+
 	// LDAP users are automatically created on first login attempt. This is a very
 	// common feature that can be seen on many services using a LDAP provider for
 	// their users (synapse, Nextcloud, Jellyfin, ...).
@@ -124,12 +130,7 @@ async fn ldap_login(
 			.await?;
 	}

-	debug!("{user_dn:?} {password:?}");
-	services
-		.users
-		.auth_ldap(&user_dn, password)
-		.await
-		.map(|()| lowercased_user_id.to_owned())
+	Ok(user_id)
 }

 /// # `POST /_matrix/client/v3/login`