Don't block site admin's operation if SECRET_KEY is lost (#35721) (#35724)

Backport #35721 by wxiaoguang Related: #24573 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-10-27 00:23:41 +09:00 · 2025-10-22 13:02:47 +08:00
parent cb338a2ba1
commit c84d17b1bb
4 changed files with 13 additions and 8 deletions
--- a/services/auth/source/ldap/source.go
+++ b/services/auth/source/ldap/source.go
@@ -8,6 +8,7 @@ import (

 	"code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/secret"
 	"code.gitea.io/gitea/modules/setting"
 )
@@ -66,9 +67,12 @@ func (source *Source) FromDB(bs []byte) error {
 	}
 	if source.BindPasswordEncrypt != "" {
 		source.BindPassword, err = secret.DecryptSecret(setting.SecretKey, source.BindPasswordEncrypt)
+		if err != nil {
+			log.Error("Unable to decrypt bind password for LDAP source, maybe SECRET_KEY is wrong: %v", err)
+		}
 		source.BindPasswordEncrypt = ""
 	}
-	return err
+	return nil
 }

 // ToDB exports a LDAPConfig to a serialized format.