authorAdam Strzelecki <ono@java.pl>2015-12-01 14:49:49 +0100
committerAdam Strzelecki <ono@java.pl>2015-12-02 00:20:14 +0100
commit573305f3d3ac55a79639dcb4cc55694ad7a914a5 (patch)
treeb542b8a5446bcbdd5287212c390d9eb2816290b6 /models/login.go
parent7ccce4d1102508cf1f993bde31bf502eb142a991 (diff)
LDAP: Optional user name attribute specification
Consider the following example LDAP search query: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now, on the first login attempt Gogs uses the text supplied on the login form as the name of the newly created user. In the example query above, that text is matched against both the e-mail and the user name, so if the user enters the e-mail, the new Gogs user name will be the e-mail, which may be undesired. With the optional user name attribute setting we can explicitly say that the Gogs user name should be a certain LDAP attribute, e.g. `uid`, so even if the user logs in with the e-mail the first time, the new account will receive the correct user name.
Diffstat (limited to 'models/login.go')
-rw-r--r--models/login.go28
1 files changed, 22 insertions, 6 deletions
diff --git a/models/login.go b/models/login.go
index 6fde7457ac..1ec5309db4 100644
--- a/models/login.go
+++ b/models/login.go
@@ -225,16 +225,16 @@ func DeleteSource(source *LoginSource) error {
// |_______ \/_______ /\____|__ /____|
// \/ \/ \/
-// LoginUserLDAPSource queries if name/passwd can login against the LDAP directory pool,
+// LoginUserLDAPSource queries if loginName/passwd can login against the LDAP directory pool,
// and create a local user if success when enabled.
// It returns the same LoginUserPlain semantic.
-func LoginUserLDAPSource(u *User, name, passwd string, source *LoginSource, autoRegister bool) (*User, error) {
+func LoginUserLDAPSource(u *User, loginName, passwd string, source *LoginSource, autoRegister bool) (*User, error) {
cfg := source.Cfg.(*LDAPConfig)
directBind := (source.Type == DLDAP)
- fn, sn, mail, admin, logged := cfg.SearchEntry(name, passwd, directBind)
+ name, fn, sn, mail, admin, logged := cfg.SearchEntry(loginName, passwd, directBind)
if !logged {
// User not in LDAP, do nothing
- return nil, ErrUserNotExist{0, name}
+ return nil, ErrUserNotExist{0, loginName}
}
if !autoRegister {
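Review bot: The doc comment on LoginUserLDAPSource was only renamed to `loginName` and still does not say that the created account's name can now differ from it, which is what a caller most needs to know after this change. I would add a line such as `// loginName is the text typed on the login form; the local user name is taken from the directory's user name attribute when SearchEntry returns one, otherwise from loginName.` The function body continues past the end of this hunk.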
@@ -242,6 +242,9 @@ func LoginUserLDAPSource(u *User, name, passwd string, source *LoginSource, auto
}
// Fallback.
+ if len(name) == 0 {
+ name = loginName
+ }
if len(mail) == 0 {
mail = fmt.Sprintf("%s@localhost", name)
}
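Review bot: After this fallback `name` holds either a value returned by the directory or the raw login-form text, and nothing in the hunk checks it before it becomes the account name and the local part of the synthesized `mail`. Whether `CreateUser` rejects unsuitable names is not visible here, so that is worth confirming. A short comment would record the assumption, for example `// name is directory- or user-supplied; CreateUser is expected to validate it`. The surrounding function starts and ends outside this hunk.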
@@ -249,10 +252,10 @@ func LoginUserLDAPSource(u *User, name, passwd string, source *LoginSource, auto
u = &User{
LowerName: strings.ToLower(name),
Name: name,
- FullName: strings.TrimSpace(fn + " " + sn),
+ FullName: composeFullName(fn, sn, name),
LoginType: source.Type,
LoginSource: source.ID,
- LoginName: name,
+ LoginName: loginName,
Email: mail,
IsAdmin: admin,
IsActive: true,
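Review bot: `Name` and `LoginName` can now hold different identifiers for the same directory entry, because `LoginName: loginName` records whichever text was typed at first login while `Name: name` comes from the directory attribute. With a filter that matches on either uid or mail, a later login with the other identifier will not equal the stored `LoginName`. If the caller looks accounts up by the typed text, that login could reach auto-registration again, though the lookup is outside this hunk, so this is to be confirmed. I would state the intended key next to the field, e.g. `// LoginName is the text typed at first login; later LDAP logins must be matched on Name, not on this value`, and check that a repeated `CreateUser` for the same entry fails cleanly.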
@@ -260,6 +263,19 @@ func LoginUserLDAPSource(u *User, name, passwd string, source *LoginSource, auto
return u, CreateUser(u)
}
+func composeFullName(firstName, surename, userName string) string {
+ switch {
+ case len(firstName) == 0 && len(surename) == 0:
+ return userName
+ case len(firstName) == 0:
+ return surename
+ case len(surename) == 0:
+ return firstName
+ default:
+ return firstName + " " + surename
+ }
+}
+
// _________ __________________________
// / _____/ / \__ ___/\______ \
// \_____ \ / \ / \| | | ___/
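Review bot: composeFullName returns the directory values untouched, whereas the line it replaces ran `strings.TrimSpace` over the joined name, so a first name or surname that is padded or whitespace-only now ends up in `FullName` as-is. Trimming both inputs first, `firstName, surename = strings.TrimSpace(firstName), strings.TrimSpace(surename)`, keeps the old guarantee and lets the empty checks catch whitespace-only values. The parameter `surename` is a misspelling of `surname`. The helper also has no comment; something like `// composeFullName joins first name and surname, falling back to userName when both are empty.` would do.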