Home Esplora Aiuto
Registrati Accedi
Apq
/
gogs
mirror da https://github.com/gogs/gogs.git
1
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

routers/repo/setting.go: fix LDAP cannot validate password #1006

Unknwon 10 anni fa
parent
e3d73d9b24
commit
18c0697329
2 ha cambiato i file con 61 aggiunte e 55 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 43 45
      models/login.go
  2. 18 10
      routers/repo/setting.go

+ 43 - 45
models/login.go
Vedi File 

@@ -169,61 +169,59 @@ func UserSignIn(uname, passwd string) (*User, error) {
 
 	// For plain login, user must exist to reach this line.
 
 	// Now verify password.
 
 	if u.LoginType == PLAIN {
 
-		newUser := &User{Passwd: passwd, Salt: u.Salt}
 
-		newUser.EncodePasswd()
 
-		if u.Passwd != newUser.Passwd {
 
+		if !u.ValidtePassword(passwd) {
 
 			return nil, ErrUserNotExist
 
 		}
 
 		return u, nil
 
-	} else {
 
-		if !has {
 
-			var sources []LoginSource
 
-			if err = x.UseBool().Find(&sources,
 
-				&LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil {
 
-				return nil, err
 
-			}
 
+	}
 
+
 
+	if !has {
 
+		var sources []LoginSource
 
+		if err = x.UseBool().Find(&sources,
 
+			&LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil {
 
+			return nil, err
 
+		}
 
 
-			for _, source := range sources {
 
-				if source.Type == LDAP {
 
-					u, err := LoginUserLdapSource(nil, uname, passwd,
 
-						source.Id, source.Cfg.(*LDAPConfig), true)
 
-					if err == nil {
 
-						return u, nil
 
-					}
 
-					log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err)
 
-				} else if source.Type == SMTP {
 
-					u, err := LoginUserSMTPSource(nil, uname, passwd,
 
-						source.Id, source.Cfg.(*SMTPConfig), true)
 
-					if err == nil {
 
-						return u, nil
 
-					}
 
-					log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err)
 
+		for _, source := range sources {
 
+			if source.Type == LDAP {
 
+				u, err := LoginUserLdapSource(nil, uname, passwd,
 
+					source.Id, source.Cfg.(*LDAPConfig), true)
 
+				if err == nil {
 
+					return u, nil
 
+				}
 
+				log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err)
 
+			} else if source.Type == SMTP {
 
+				u, err := LoginUserSMTPSource(nil, uname, passwd,
 
+					source.Id, source.Cfg.(*SMTPConfig), true)
 
+				if err == nil {
 
+					return u, nil
 
 				}
 
+				log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err)
 
 			}
 
-
 
-			return nil, ErrUserNotExist
 
 		}
 
 
-		var source LoginSource
 
-		hasSource, err := x.Id(u.LoginSource).Get(&source)
 
-		if err != nil {
 
-			return nil, err
 
-		} else if !hasSource {
 
-			return nil, ErrLoginSourceNotExist
 
-		} else if !source.IsActived {
 
-			return nil, ErrLoginSourceNotActived
 
-		}
 
+		return nil, ErrUserNotExist
 
+	}
 
 
-		switch u.LoginType {
 
-		case LDAP:
 
-			return LoginUserLdapSource(u, u.LoginName, passwd,
 
-				source.Id, source.Cfg.(*LDAPConfig), false)
 
-		case SMTP:
 
-			return LoginUserSMTPSource(u, u.LoginName, passwd,
 
-				source.Id, source.Cfg.(*SMTPConfig), false)
 
-		}
 
-		return nil, ErrUnsupportedLoginType
 
+	var source LoginSource
 
+	hasSource, err := x.Id(u.LoginSource).Get(&source)
 
+	if err != nil {
 
+		return nil, err
 
+	} else if !hasSource {
 
+		return nil, ErrLoginSourceNotExist
 
+	} else if !source.IsActived {
 
+		return nil, ErrLoginSourceNotActived
 
+	}
 
+
 
+	switch u.LoginType {
 
+	case LDAP:
 
+		return LoginUserLdapSource(u, u.LoginName, passwd,
 
+			source.Id, source.Cfg.(*LDAPConfig), false)
 
+	case SMTP:
 
+		return LoginUserSMTPSource(u, u.LoginName, passwd,
 
+			source.Id, source.Cfg.(*SMTPConfig), false)
 
 	}
 
+	return nil, ErrUnsupportedLoginType
 
 }
 
 
 // Query if name/passwd can login against the LDAP directory pool

+ 18 - 10
routers/repo/setting.go
Vedi File 

@@ -111,10 +111,18 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) {
 
 		} else if !isExist {
 
 			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil)
 
 			return
 
-		} else if !ctx.User.ValidtePassword(ctx.Query("password")) {
 
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
 
+		}
 
+
 
+		if _, err = models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
 
+			if err == models.ErrUserNotExist {
 
+				ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
 
+			} else {
 
+				ctx.Handle(500, "UserSignIn", err)
 
+			}
 
 			return
 
-		} else if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil {
 
+		}
 
+
 
+		if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil {
 
 			if err == models.ErrRepoAlreadyExist {
 
 				ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil)
 
 			} else {
 
@@ -136,15 +144,15 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) {
 
 				ctx.Error(404)
 
 				return
 
 			}
 
-			if !ctx.User.ValidtePassword(ctx.Query("password")) {
 
-				ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
 
-				return
 
-			}
 
-		} else {
 
-			if !ctx.Repo.Owner.ValidtePassword(ctx.Query("password")) {
 
+		}
 
+
 
+		if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
 
+			if err == models.ErrUserNotExist {
 
 				ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
 
-				return
 
+			} else {
 
+				ctx.Handle(500, "UserSignIn", err)
 
 			}
 
+			return
 
 		}
 
 
 		if err := models.DeleteRepository(ctx.Repo.Owner.Id, ctx.Repo.Repository.Id, ctx.Repo.Owner.Name); err != nil {