diff options
| author | Unknwon <u@gogs.io> | 2015-03-05 19:20:27 -0500 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2015-03-05 19:20:27 -0500 |
| commit | 18c06973292a3d20b8ad72575c819fbe3287a9ad (patch) | |
| tree | aee9bcfd564a76fb2b81951d7725e9847e53f8f1 /models | |
| parent | e3d73d9b244174def7c5c73289c2c141fe6f652a (diff) | |
| download | gitea-18c06973292a3d20b8ad72575c819fbe3287a9ad.tar.gz gitea-18c06973292a3d20b8ad72575c819fbe3287a9ad.zip | |
routers/repo/setting.go: fix LDAP cannot validate password #1006
Diffstat (limited to 'models')
| -rw-r--r-- | models/login.go | 88 |
1 files changed, 43 insertions, 45 deletions
diff --git a/models/login.go b/models/login.go index 1dc1b6cad3..e00d59b0ed 100644 --- a/models/login.go +++ b/models/login.go @@ -169,61 +169,59 @@ func UserSignIn(uname, passwd string) (*User, error) { // For plain login, user must exist to reach this line. // Now verify password. if u.LoginType == PLAIN { - newUser := &User{Passwd: passwd, Salt: u.Salt} - newUser.EncodePasswd() - if u.Passwd != newUser.Passwd { + if !u.ValidtePassword(passwd) { return nil, ErrUserNotExist } return u, nil - } else { - if !has { - var sources []LoginSource - if err = x.UseBool().Find(&sources, - &LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { - return nil, err - } + } + + if !has { + var sources []LoginSource + if err = x.UseBool().Find(&sources, + &LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { + return nil, err + } - for _, source := range sources { - if source.Type == LDAP { - u, err := LoginUserLdapSource(nil, uname, passwd, - source.Id, source.Cfg.(*LDAPConfig), true) - if err == nil { - return u, nil - } - log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) - } else if source.Type == SMTP { - u, err := LoginUserSMTPSource(nil, uname, passwd, - source.Id, source.Cfg.(*SMTPConfig), true) - if err == nil { - return u, nil - } - log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) + for _, source := range sources { + if source.Type == LDAP { + u, err := LoginUserLdapSource(nil, uname, passwd, + source.Id, source.Cfg.(*LDAPConfig), true) + if err == nil { + return u, nil + } + log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) + } else if source.Type == SMTP { + u, err := LoginUserSMTPSource(nil, uname, passwd, + source.Id, source.Cfg.(*SMTPConfig), true) + if err == nil { + return u, nil } + log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) } - - return nil, ErrUserNotExist } - var source LoginSource - hasSource, err := x.Id(u.LoginSource).Get(&source) - if err != nil { - return nil, err - } else if !hasSource { - return nil, ErrLoginSourceNotExist - } else if !source.IsActived { - return nil, ErrLoginSourceNotActived - } + return nil, ErrUserNotExist + } - switch u.LoginType { - case LDAP: - return LoginUserLdapSource(u, u.LoginName, passwd, - source.Id, source.Cfg.(*LDAPConfig), false) - case SMTP: - return LoginUserSMTPSource(u, u.LoginName, passwd, - source.Id, source.Cfg.(*SMTPConfig), false) - } - return nil, ErrUnsupportedLoginType + var source LoginSource + hasSource, err := x.Id(u.LoginSource).Get(&source) + if err != nil { + return nil, err + } else if !hasSource { + return nil, ErrLoginSourceNotExist + } else if !source.IsActived { + return nil, ErrLoginSourceNotActived + } + + switch u.LoginType { + case LDAP: + return LoginUserLdapSource(u, u.LoginName, passwd, + source.Id, source.Cfg.(*LDAPConfig), false) + case SMTP: + return LoginUserSMTPSource(u, u.LoginName, passwd, + source.Id, source.Cfg.(*SMTPConfig), false) } + return nil, ErrUnsupportedLoginType } // Query if name/passwd can login against the LDAP directory pool |