login-validator: new option to skip authentication
This commit is contained in:
parent
e4087394ba
commit
60a6b70ccf
@ -23,6 +23,7 @@ var loginSalt string
|
||||
|
||||
type loginChecker struct {
|
||||
students []Student
|
||||
noAuth bool
|
||||
ldapAddr string
|
||||
ldapPort int
|
||||
ldapIsTLS bool
|
||||
@ -139,6 +140,7 @@ func (l loginChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if ! l.noAuth {
|
||||
if ok, err := l.ldapAuth(lu.Username, lu.Password); err != nil {
|
||||
log.Println("Unable to perform authentication for", lu.Username, ":", err, "at", r.RemoteAddr)
|
||||
http.Error(w, err.Error(), http.StatusUnauthorized)
|
||||
@ -148,6 +150,7 @@ func (l loginChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
http.Error(w, "Invalid password", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err := l.lateLoginAction(lu.Username, r.RemoteAddr); err != nil {
|
||||
log.Println("Error on late login action:", err)
|
||||
|
@ -20,6 +20,7 @@ func main() {
|
||||
flag.StringVar(&tftpDir, "tftpdir", "/var/tftp/", "Path to TFTPd directory")
|
||||
flag.StringVar(&loginSalt, "loginsalt", "adelina", "secret used in login HMAC")
|
||||
|
||||
flag.BoolVar(&lc.noAuth, "noauth", false, "don't perform password check")
|
||||
flag.StringVar(&lc.ldapAddr, "ldaphost", "auth.cri.epita.fr", "LDAP host")
|
||||
flag.IntVar(&lc.ldapPort, "ldapport", 636, "LDAP port")
|
||||
flag.BoolVar(&lc.ldapIsTLS, "ldaptls", false, "Is LDAP connection LDAPS?")
|
||||
|
Reference in New Issue
Block a user