Allow login of simpleSecurityObjects
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
5643713c54
commit
e5046b108b
@ -35,7 +35,7 @@ func changePassword(w http.ResponseWriter, r *http.Request) {
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil {
|
||||
} else if dn, err := conn.SearchDN(r.PostFormValue("login"), true); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {
|
||||
|
||||
9
ldap.go
9
ldap.go
@ -65,11 +65,16 @@ func (l LDAPConn) Bind(username string, password string) error {
|
||||
return l.connection.Bind(username, password)
|
||||
}
|
||||
|
||||
func (l LDAPConn) SearchDN(username string) (string, error) {
|
||||
func (l LDAPConn) SearchDN(username string, person bool) (string, error) {
|
||||
objectClass := "organizationalPerson"
|
||||
if !person {
|
||||
objectClass = "simpleSecurityObject"
|
||||
}
|
||||
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
l.BaseDN,
|
||||
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(&(objectClass=organizationalPerson)(uid=%s))", username),
|
||||
fmt.Sprintf("(&(objectClass=%s)(uid=%s))", objectClass, username),
|
||||
[]string{"dn"},
|
||||
nil,
|
||||
)
|
||||
|
||||
21
login.go
21
login.go
@ -14,13 +14,26 @@ func login(login string, password string) ([]*ldap.EntryAttribute, error) {
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
return nil, err
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
}
|
||||
|
||||
if err = conn.ServiceBind(); err != nil {
|
||||
return nil, err
|
||||
} else if dn, err := conn.SearchDN(login); err != nil {
|
||||
}
|
||||
|
||||
var dn string
|
||||
dn, err = conn.SearchDN(login, true)
|
||||
if err != nil {
|
||||
dn, err = conn.SearchDN(login, false)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
} else if err := conn.Bind(dn, password); err != nil {
|
||||
}
|
||||
}
|
||||
|
||||
if err := conn.Bind(dn, password); err != nil {
|
||||
return nil, err
|
||||
} else if entries, err := conn.GetEntry(dn); err != nil {
|
||||
}
|
||||
|
||||
if entries, err := conn.GetEntry(dn); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
return entries, nil
|
||||
|
||||
2
lost.go
2
lost.go
@ -74,7 +74,7 @@ func lostPassword(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
// Search the dn of the given user
|
||||
dn, err := conn.SearchDN(r.PostFormValue("login"))
|
||||
dn, err := conn.SearchDN(r.PostFormValue("login"), true)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "lost.html", map[string]interface{}{"error": err.Error()})
|
||||
|
||||
2
reset.go
2
reset.go
@ -51,7 +51,7 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
// Search the dn of the given user
|
||||
dn, err := conn.SearchDN(r.PostFormValue("login"))
|
||||
dn, err := conn.SearchDN(r.PostFormValue("login"), true)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
base["error"] = err.Error()
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user