From 573305f3d3ac55a79639dcb4cc55694ad7a914a5 Mon Sep 17 00:00:00 2001
From: Adam Strzelecki <ono@java.pl>
Date: Tue, 1 Dec 2015 14:49:49 +0100
Subject: LDAP: Optional user name attribute specification

Consider following LDAP search query example:

    (&(objectClass=Person)(|(uid=%s)(mail=%s)))

Right now on first login attempt Gogs will use the text supplied on login form
as the newly created user name. In example query above the text matches against
both e-mail or user name. So if user puts the e-mail then the new Gogs user
name will be e-mail which may be undesired.

Using optional user name attribute setting we can explicitly say we want Gogs
user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail
to login 1st time, the new account will receive correct user name.
---
 modules/auth/auth_form.go | 45 +++++++++++++++++++++++----------------------
 1 file changed, 23 insertions(+), 22 deletions(-)

(limited to 'modules/auth/auth_form.go')

diff --git a/modules/auth/auth_form.go b/modules/auth/auth_form.go
index 6f356344da..1604792a66 100644
--- a/modules/auth/auth_form.go
+++ b/modules/auth/auth_form.go
@@ -10,28 +10,29 @@ import (
 )
 
 type AuthenticationForm struct {
-	ID               int64
-	Type             int    `binding:"Range(2,5)"`
-	Name             string `binding:"Required;MaxSize(30)"`
-	Host             string
-	Port             int
-	BindDN           string
-	BindPassword     string
-	UserBase         string
-	UserDN           string `form:"user_dn"`
-	AttributeName    string
-	AttributeSurname string
-	AttributeMail    string
-	Filter           string
-	AdminFilter      string
-	IsActive         bool
-	SMTPAuth         string
-	SMTPHost         string
-	SMTPPort         int
-	AllowedDomains   string
-	TLS              bool
-	SkipVerify       bool
-	PAMServiceName   string `form:"pam_service_name"`
+	ID                int64
+	Type              int    `binding:"Range(2,5)"`
+	Name              string `binding:"Required;MaxSize(30)"`
+	Host              string
+	Port              int
+	BindDN            string
+	BindPassword      string
+	UserBase          string
+	UserDN            string `form:"user_dn"`
+	AttributeUsername string
+	AttributeName     string
+	AttributeSurname  string
+	AttributeMail     string
+	Filter            string
+	AdminFilter       string
+	IsActive          bool
+	SMTPAuth          string
+	SMTPHost          string
+	SMTPPort          int
+	AllowedDomains    string
+	TLS               bool
+	SkipVerify        bool
+	PAMServiceName    string `form:"pam_service_name"`
 }
 
 func (f *AuthenticationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
-- 
cgit v1.2.3