Next phase

Christian Huettig 2021-04-28 21:33:10 +02:00
parent 2b58ad96e3
commit a8d72465d9


@ -89,21 +89,19 @@ const AuthenticationManager = {
}, },
authUserObj(error, user, query, password, callback) { authUserObj(error, user, query, password, callback) {
if ( process.env.ALLOW_EMAIL_LOGIN ) { if ( process.env.ALLOW_EMAIL_LOGIN && user && user.hashedPassword) {
// (external) email login console.log("email login for existing user " + query.mail)
if (user && user.hashedPassword) {
console.log("email login for existing user")
// check passwd against local db // check passwd against local db
bcrypt.compare(password, user.hashedPassword, function (error, match) { bcrypt.compare(password, user.hashedPassword, function (error, match) {
if (match) { if (match) {
console.log("Fine") console.log("Local user password match")
AuthenticationManager.login(user, password, callback) AuthenticationManager.login(user, password, callback)
}
})
} else { } else {
console.log("Local user password mismatch, trying LDAP")
// check passwd against ldap // check passwd against ldap
AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user) AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user)
} }
})
} else { } else {
// No local passwd check user has to be in ldap and use ldap credentials // No local passwd check user has to be in ldap and use ldap credentials
AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user) AuthenticationManager.ldapAuth(query, password, AuthenticationManager.createIfNotExistAndLogin, callback, user)
@ -301,7 +299,8 @@ const AuthenticationManager = {
mail = searchEntries[0].mail mail = searchEntries[0].mail
firstname = searchEntries[0].givenName firstname = searchEntries[0].givenName
lastname = searchEntries[0].sn lastname = searchEntries[0].sn
console.log("Found user: " + mail + " Name: " + firstname + " " + lastname) userDn = searchEntries[0].dn
console.log("Found user: " + mail + " Name: " + firstname + " " + lastname + " DN: " + userDn)
} }
} catch (ex) { } catch (ex) {
console.log("An Error occured while getting user data during ldapsearch: " + String(ex)) console.log("An Error occured while getting user data during ldapsearch: " + String(ex))
@ -331,11 +330,17 @@ const AuthenticationManager = {
} finally { } finally {
await client.unbind(); await client.unbind();
} }
if (mail == "") { if (mail == "" || userDn == "") {
console.log("Mail not set - exit. This should not happen - please set mail-entry in ldap.") console.log("Mail / userDn not set - exit. This should not happen - please set mail-entry in ldap.")
return callback(null, null) return callback(null, null)
} }
return callback(null, null) // Always unsuccessful for debug try {
await client.bind(userDn, password);
} catch (ex) {
console.log("Could not bind User: " + userDn + " err: " + String(ex))
return callback(null, null)
}
//console.log("Logging in user: " + mail + " Name: " + firstname + " " + lastname + " isAdmin: " + String(isAdmin)) //console.log("Logging in user: " + mail + " Name: " + firstname + " " + lastname + " isAdmin: " + String(isAdmin))
// we are authenticated now let's set the query to the correct mail from ldap // we are authenticated now let's set the query to the correct mail from ldap
query.email = mail query.email = mail
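Review bot: The new `client.bind(userDn, password)` in the last hunk is reached with no visible check that `password` is non-empty. A simple bind with a DN and an empty password is an unauthenticated bind under RFC 4513, and many directory servers answer it with success, so this step could accept a login without verifying any credential. Unless an earlier part of the function (outside this hunk) already rejects empty passwords, add `if (!password) { return callback(null, null) }` just before the `try`. The user bind also runs after `client.unbind()` in the preceding `finally`, and no unbind follows it in the visible lines, so the connection opened for the user may stay open; a `finally { await client.unbind() }` on the new `try` would close it. Separately, the first hunk logs `query.mail` while this hunk assigns `query.email`, so that log line probably prints `undefined`.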