Minor bug fixes. Also added ldap_close();

2021-05-20 15:06:42 -04:00 · 2021-05-20 15:06:42 -04:00 · 7c915032c5
parent 1d5bb6ccc7
commit 7c915032c5
1 changed files with 8 additions and 3 deletions
--- a/app/Controllers/Auth/LoginController.php
+++ b/app/Controllers/Auth/LoginController.php
@ -130,13 +130,16 @@ class LoginController extends AuthController
        }
        
        //Get LDAP user's (R)DN
-        $userDN=$this->getLdapRdn($username, $password, $server);
+        $userDN=$this->getLdapRdn($username, $server);
        if (!is_string($userDN)) {
            return null;
        }
    
        //Bind as user to validate password
-        if (!@ldap_bind($server, $this->getLdapRdn($username), $password)) {
+        if (@ldap_bind($server, $userDN, $password)) {
+            $this->logger->debug("$userDN authenticated against LDAP sucessfully");
+        } else {
+            $this->logger->debug("$userDN authenticated against LDAP unsucessfully");
            if ($dbUser && !$dbUser->ldap) {
                return $dbUser;
            }
@ -166,6 +169,8 @@ class LoginController extends AuthController
            return $userQuery->get($request, $this->database->getPdo()->lastInsertId());
        }
        
+        if ($server) ldap_close($server);
+        
        if (!password_verify($password, $dbUser->password)) {
            $userQuery = make(UserQuery::class);
            $userQuery->update($dbUser->id, $dbUser->email, $username, $password, $dbUser->is_admin, $dbUser->active, $dbUser->max_disk_quota, $dbUser->ldap);