Replace the name of the stream if using an alias
This commit is contained in:
Yohann D'ANELLO
parent
7e0ee7aba5
commit
e47aefd6df
GPG Key ID:
3A75C55819C8CF85
|
|
@ -20,7 +20,7 @@ type Options struct {
|
||||||
|
|
||||||
// Backend to log user in
|
// Backend to log user in
|
||||||
type Backend interface {
|
type Backend interface {
|
||||||
Login(string, string) (bool, error)
|
Login(string, string) (bool, string, error)
|
||||||
Close()
|
Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,15 +23,15 @@ type Basic struct {
|
||||||
|
|
||||||
// Login hashs password and compare
|
// Login hashs password and compare
|
||||||
// Returns (true, nil) if success
|
// Returns (true, nil) if success
|
||||||
func (a Basic) Login(username string, password string) (bool, error) {
|
func (a Basic) Login(username string, password string) (bool, string, error) {
|
||||||
hash, ok := a.Cfg.Credentials[username]
|
hash, ok := a.Cfg.Credentials[username]
|
||||||
if !ok {
|
if !ok {
|
||||||
return false, errors.New("user not found in credentials")
|
return false, "", errors.New("user not found in credentials")
|
||||||
}
|
}
|
||||||
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||||||
|
|
||||||
// Login succeeded if no error
|
// Login succeeded if no error
|
||||||
return err == nil, err
|
return err == nil, username, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Close has no connection to close
|
// Close has no connection to close
|
||||||
|
|
|
||||||
|
|
@ -22,11 +22,11 @@ type LDAP struct {
|
||||||
|
|
||||||
// Login tries to bind to LDAP
|
// Login tries to bind to LDAP
|
||||||
// Returns (true, nil) if success
|
// Returns (true, nil) if success
|
||||||
func (a LDAP) Login(username string, password string) (bool, error) {
|
func (a LDAP) Login(username string, password string) (bool, string, error) {
|
||||||
aliasSplit := strings.SplitN(username, "__", 2)
|
aliasSplit := strings.SplitN(username, "__", 2)
|
||||||
potentialUsernames := []string{username}
|
potentialUsernames := []string{username}
|
||||||
|
|
||||||
for len(aliasSplit) == 2 {
|
if len(aliasSplit) == 2 {
|
||||||
alias := aliasSplit[0]
|
alias := aliasSplit[0]
|
||||||
trueUsername := aliasSplit[1]
|
trueUsername := aliasSplit[1]
|
||||||
// Resolve stream alias if necessary
|
// Resolve stream alias if necessary
|
||||||
|
|
@ -45,12 +45,12 @@ func (a LDAP) Login(username string, password string) (bool, error) {
|
||||||
err = a.Conn.Bind(bindDn, password)
|
err = a.Conn.Bind(bindDn, password)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
// Login succeeded if no error
|
// Login succeeded if no error
|
||||||
return true, nil
|
return true, aliasSplit[0], nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Unable to log in
|
// Unable to log in
|
||||||
return err == nil, err
|
return err == nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Close LDAP connection
|
// Close LDAP connection
|
||||||
|
|
|
||||||
|
|
@ -82,7 +82,7 @@ func Serve(streams *messaging.Streams, authBackend auth.Backend, cfg *Options) {
|
||||||
name, password := split[0], split[1]
|
name, password := split[0], split[1]
|
||||||
if authBackend != nil {
|
if authBackend != nil {
|
||||||
// check password
|
// check password
|
||||||
if ok, err := authBackend.Login(name, password); !ok || err != nil {
|
if ok, name, err := authBackend.Login(name, password); !ok || err != nil {
|
||||||
log.Printf("Failed to authenticate for stream %s", name)
|
log.Printf("Failed to authenticate for stream %s", name)
|
||||||
s.Close()
|
s.Close()
|
||||||
continue
|
continue
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue