This commit is contained in:
@@ -79,6 +79,15 @@ func (u *User) DeleteUser() error {
|
||||
}
|
||||
|
||||
func VerifyPassword(password, hashedPassword string) error {
|
||||
|
||||
if len(password) == 0 {
|
||||
return errors.New("unable to verify empty password")
|
||||
}
|
||||
|
||||
if len(hashedPassword) == 0 {
|
||||
return errors.New("unable to compare password with empty hash")
|
||||
}
|
||||
|
||||
log.Printf("VerifyPassword comparing input against hashed value '%s'\n", hashedPassword)
|
||||
return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
|
||||
}
|
||||
@@ -120,7 +129,7 @@ func LoginCheck(username string, password string) (string, error) {
|
||||
log.Printf("LoginCheck retrieved user '%v' from database\n", u)
|
||||
}
|
||||
|
||||
log.Printf("u: %v\n", u)
|
||||
//log.Printf("u: %v\n", u)
|
||||
|
||||
if !u.LdapUser {
|
||||
err = VerifyPassword(password, u.Password)
|
||||
@@ -132,9 +141,15 @@ func LoginCheck(username string, password string) (string, error) {
|
||||
log.Printf("LoginCheck verified password against stored hash.\n")
|
||||
}
|
||||
} else {
|
||||
log.Printf("LoginCheck no need to verify password in database for LDAP user\n")
|
||||
err := VerifyLdapCreds(username, password)
|
||||
|
||||
// TODO - verify LDAP credentials if this LDAP user was previously stored in the database
|
||||
if err != nil {
|
||||
errString := fmt.Sprintf("LoginCheck LDAP user bind unsuccessful : '%s'\n", err)
|
||||
log.Print(errString)
|
||||
return "", errors.New(errString)
|
||||
} else {
|
||||
log.Printf("LoginCheck successfully verified LDAP user\n")
|
||||
}
|
||||
}
|
||||
|
||||
token, err := token.GenerateToken(uint(u.UserId))
|
||||
@@ -184,6 +199,7 @@ func LdapLoginCheck(username string, password string) (User, error) {
|
||||
|
||||
if matchFound {
|
||||
// If we found a match, then store user with appropriate role ID
|
||||
u.LdapUser = true
|
||||
u.SaveUser()
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user