|
|
@ -169,61 +169,59 @@ func UserSignIn(uname, passwd string) (*User, error) { |
|
|
|
// For plain login, user must exist to reach this line.
|
|
|
|
// For plain login, user must exist to reach this line.
|
|
|
|
// Now verify password.
|
|
|
|
// Now verify password.
|
|
|
|
if u.LoginType == PLAIN { |
|
|
|
if u.LoginType == PLAIN { |
|
|
|
newUser := &User{Passwd: passwd, Salt: u.Salt} |
|
|
|
if !u.ValidtePassword(passwd) { |
|
|
|
newUser.EncodePasswd() |
|
|
|
|
|
|
|
if u.Passwd != newUser.Passwd { |
|
|
|
|
|
|
|
return nil, ErrUserNotExist |
|
|
|
return nil, ErrUserNotExist |
|
|
|
} |
|
|
|
} |
|
|
|
return u, nil |
|
|
|
return u, nil |
|
|
|
} else { |
|
|
|
} |
|
|
|
if !has { |
|
|
|
|
|
|
|
var sources []LoginSource |
|
|
|
if !has { |
|
|
|
if err = x.UseBool().Find(&sources, |
|
|
|
var sources []LoginSource |
|
|
|
&LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { |
|
|
|
if err = x.UseBool().Find(&sources, |
|
|
|
return nil, err |
|
|
|
&LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { |
|
|
|
} |
|
|
|
return nil, err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
for _, source := range sources { |
|
|
|
for _, source := range sources { |
|
|
|
if source.Type == LDAP { |
|
|
|
if source.Type == LDAP { |
|
|
|
u, err := LoginUserLdapSource(nil, uname, passwd, |
|
|
|
u, err := LoginUserLdapSource(nil, uname, passwd, |
|
|
|
source.Id, source.Cfg.(*LDAPConfig), true) |
|
|
|
source.Id, source.Cfg.(*LDAPConfig), true) |
|
|
|
if err == nil { |
|
|
|
if err == nil { |
|
|
|
return u, nil |
|
|
|
return u, nil |
|
|
|
} |
|
|
|
} |
|
|
|
log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) |
|
|
|
log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) |
|
|
|
} else if source.Type == SMTP { |
|
|
|
} else if source.Type == SMTP { |
|
|
|
u, err := LoginUserSMTPSource(nil, uname, passwd, |
|
|
|
u, err := LoginUserSMTPSource(nil, uname, passwd, |
|
|
|
source.Id, source.Cfg.(*SMTPConfig), true) |
|
|
|
source.Id, source.Cfg.(*SMTPConfig), true) |
|
|
|
if err == nil { |
|
|
|
if err == nil { |
|
|
|
return u, nil |
|
|
|
return u, nil |
|
|
|
} |
|
|
|
|
|
|
|
log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return nil, ErrUserNotExist |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
var source LoginSource |
|
|
|
return nil, ErrUserNotExist |
|
|
|
hasSource, err := x.Id(u.LoginSource).Get(&source) |
|
|
|
} |
|
|
|
if err != nil { |
|
|
|
|
|
|
|
return nil, err |
|
|
|
|
|
|
|
} else if !hasSource { |
|
|
|
|
|
|
|
return nil, ErrLoginSourceNotExist |
|
|
|
|
|
|
|
} else if !source.IsActived { |
|
|
|
|
|
|
|
return nil, ErrLoginSourceNotActived |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
switch u.LoginType { |
|
|
|
var source LoginSource |
|
|
|
case LDAP: |
|
|
|
hasSource, err := x.Id(u.LoginSource).Get(&source) |
|
|
|
return LoginUserLdapSource(u, u.LoginName, passwd, |
|
|
|
if err != nil { |
|
|
|
source.Id, source.Cfg.(*LDAPConfig), false) |
|
|
|
return nil, err |
|
|
|
case SMTP: |
|
|
|
} else if !hasSource { |
|
|
|
return LoginUserSMTPSource(u, u.LoginName, passwd, |
|
|
|
return nil, ErrLoginSourceNotExist |
|
|
|
source.Id, source.Cfg.(*SMTPConfig), false) |
|
|
|
} else if !source.IsActived { |
|
|
|
} |
|
|
|
return nil, ErrLoginSourceNotActived |
|
|
|
return nil, ErrUnsupportedLoginType |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
switch u.LoginType { |
|
|
|
|
|
|
|
case LDAP: |
|
|
|
|
|
|
|
return LoginUserLdapSource(u, u.LoginName, passwd, |
|
|
|
|
|
|
|
source.Id, source.Cfg.(*LDAPConfig), false) |
|
|
|
|
|
|
|
case SMTP: |
|
|
|
|
|
|
|
return LoginUserSMTPSource(u, u.LoginName, passwd, |
|
|
|
|
|
|
|
source.Id, source.Cfg.(*SMTPConfig), false) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
return nil, ErrUnsupportedLoginType |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Query if name/passwd can login against the LDAP directory pool
|
|
|
|
// Query if name/passwd can login against the LDAP directory pool
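Review bot: `u.ValidtePassword(passwd)` in the plain-login branch is misspelled (presumably `ValidatePassword`), and because its body is outside this hunk it should be confirmed that it compares the derived hash in constant time, e.g. with `subtle.ConstantTimeCompare`, rather than with `!=` as the inline check it seems to replace did. Returning `ErrUserNotExist` on a password mismatch keeps a wrong password indistinguishable from an unknown user, which deserves a comment such as `// Same error as an unknown user, so the caller cannot tell whether the account exists.`. The source lookup further down still uses the unchecked assertions `source.Cfg.(*LDAPConfig)` and `source.Cfg.(*SMTPConfig)`, which panic on the sign-in path if a stored row carries the wrong config type; the comma-ok form with an error return is safer. The two `log.Warn` calls format the submitted `uname` with `%s`; assuming the logger takes fmt-style verbs, `%q` would keep embedded newlines and control characters out of the log. UserSignIn begins before this hunk, so how `u` and `has` are obtained is not visible here.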
|
|
|
|