Improved ldap auth

Sergio Brighenti 2020-03-31 17:23:09 +02:00
parent b9989e1126
commit b87faad0c9
2 changed files with 15 additions and 4 deletions


@ -53,8 +53,11 @@ class LoginController extends Controller
$username = param($request, 'username'); $username = param($request, 'username');
$user = $this->database->query('SELECT `id`, `email`, `username`, `password`,`is_admin`, `active`, `current_disk_quota`, `max_disk_quota` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1', [$username, $username])->fetch(); $user = $this->database->query('SELECT `id`, `email`, `username`, `password`,`is_admin`, `active`, `current_disk_quota`, `max_disk_quota` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1', [$username, $username])->fetch();
if ($this->config['ldap']['enabled'] && !$user) { if ($this->config['ldap']['enabled']) {
$this->ldapLogin($username, param($request, 'password'), $user); $result = $this->ldapLogin($username, param($request, 'password'), $user);
if ($result) {
$user = $this->database->query('SELECT `id`, `email`, `username`, `password`,`is_admin`, `active`, `current_disk_quota`, `max_disk_quota` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1', [$username, $username])->fetch();
}
} }
$validator = ValidationChecker::make() $validator = ValidationChecker::make()
@ -124,6 +127,7 @@ class LoginController extends Controller
protected function ldapLogin(string $username, string $password, $dbUser) protected function ldapLogin(string $username, string $password, $dbUser)
{ {
if (!extension_loaded('ldap')) { if (!extension_loaded('ldap')) {
$this->logger->error('The LDAP extension is not loaded.');
return false; return false;
} }
@ -152,8 +156,14 @@ class LoginController extends Controller
} }
if (!$dbUser) { if (!$dbUser) {
$email = $username;
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
$search = ldap_search($server, $this->config['ldap']['user_domain'].','.$this->config['ldap']['base_domain'], 'uid='.addslashes($username), ['mail']);
$entry = ldap_first_entry($server, $search);
$email = @ldap_get_values($server, $entry, 'mail')[0] ?? platform_mail($username.uniqid());
}
make(UserQuery::class)->create( make(UserQuery::class)->create(
filter_var($username, FILTER_VALIDATE_EMAIL) ? $username : $username.$this->config['ldap']['user_domain'], $email,
$username, $username,
$password, $password,
0, 0,
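Review bot: The search filter in the last LoginController hunk is built as `'uid='.addslashes($username)`, and addslashes() is not LDAP filter escaping: it leaves `*`, `(` and `)` untouched, so the username submitted at login can change which directory entry supplies the `mail` value stored for the new account. Build the filter with `'uid='.ldap_escape($username, '', LDAP_ESCAPE_FILTER)` instead. The result of ldap_search() is also passed straight to ldap_first_entry(), and the `@` on ldap_get_values() hides any failure, so a failed or empty search silently falls back to `platform_mail(...)`; check `$search !== false` and the entry, and log the failure through `$this->logger` as the extension check now does. ldapLogin() begins and ends outside these hunks, so whether the bind itself escapes `$username` or rejects an empty password cannot be confirmed from here.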


@ -21,7 +21,8 @@
"slim/slim": "^4.0", "slim/slim": "^4.0",
"spatie/flysystem-dropbox": "^1.0", "spatie/flysystem-dropbox": "^1.0",
"superbalist/flysystem-google-storage": "^7.2", "superbalist/flysystem-google-storage": "^7.2",
"twig/twig": "^2.12" "twig/twig": "^2.12",
"ext-ldap": "*"
}, },
"config": { "config": {
"optimize-autoloader": true, "optimize-autoloader": true,