apitech
/
wekan
mirror of https://github.com/wekan/wekan
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update loginHandler.js

Browse Source 
additional option to login in ldap server with user account
reviewable/pr2399/r1
Thiago Fernando 6 years ago committed by GitHub
parent fd1af07e43
commit 36f148a7cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 21 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 52
      packages/wekan-ldap/server/loginHandler.js

52
packages/wekan-ldap/server/loginHandler.js
Unescape View File

@ -41,28 +41,38 @@ Accounts.registerLoginHandler('ldap', function(loginRequest) {
let ldapUser;
try {
ldap.connectSync();
const users = ldap.searchUsersSync(loginRequest.username);
if (users.length !== 1) {
log_info('Search returned', users.length, 'record(s) for', loginRequest.username);
throw new Error('User not Found');
}
ldap.connectSync();
if (!!LDAP.settings_get('LDAP_USER_AUTHENTICATION')) {
ldap.bindUserIfNecessary(loginRequest.username, loginRequest.ldapPass);
ldapUser = ldap.searchUsersSync(loginRequest.username)[0];
} else {
const users = ldap.searchUsersSync(loginRequest.username);
if (users.length !== 1) {
log_info('Search returned', users.length, 'record(s) for', loginRequest.username);
throw new Error('User not Found');
}
if (ldap.authSync(users[0].dn, loginRequest.ldapPass) === true) {
if (ldap.isUserInGroup(loginRequest.username, users[0])) {
ldapUser = users[0];
} else {
throw new Error('User not in a valid group');
}
} else {
log_info('Wrong password for', loginRequest.username);
}
}
if (ldap.authSync(users[0].dn, loginRequest.ldapPass) === true) {
if (ldap.isUserInGroup(loginRequest.username, users[0])) {
ldapUser = users[0];
} else {
throw new Error('User not in a valid group');
}
} else {
log_info('Wrong password for', loginRequest.username);
}
} catch (error) {
log_error(error);
log_error(error);
}
if (ldapUser === undefined) {
if (!ldapUser) {
if (LDAP.settings_get('LDAP_LOGIN_FALLBACK') === true) {
return fallbackDefaultAccountSystem(self, loginRequest.username, loginRequest.ldapPass);
}
@ -76,8 +86,7 @@ Accounts.registerLoginHandler('ldap', function(loginRequest) {
const Unique_Identifier_Field = getLdapUserUniqueID(ldapUser);
let user;
// Attempt to find user by unique identifier
// Attempt to find user by unique identifier
if (Unique_Identifier_Field) {
userQuery = {
@ -88,14 +97,14 @@ Accounts.registerLoginHandler('ldap', function(loginRequest) {
log_debug('userQuery', userQuery);
user = Meteor.users.findOne(userQuery);
}
}
// Attempt to find user by username
let username;
let email;
if (LDAP.settings_get('LDAP_USERNAME_FIELD') !== '') {
if (LDAP.settings_get('LDAP_USERNAME_FIELD') !== '') {
username = slug(getLdapUsername(ldapUser));
} else {
username = slug(loginRequest.username);
@ -105,6 +114,7 @@ Accounts.registerLoginHandler('ldap', function(loginRequest) {
email = getLdapEmail(ldapUser);
}
if (!user) {
if(email && LDAP.settings_get('LDAP_EMAIL_MATCH_REQUIRE') === true) {
if(LDAP.settings_get('LDAP_EMAIL_MATCH_VERIFIED') === true) {

Write Preview
Loading…
Cancel
Save