Added LDAP auth

master
Thomas Hooge 2 years ago
parent 7d6450706f
commit b144555e46
  1. 1
      lang/de.php
  2. 1
      lang/en.php
  3. 1
      lib/db.class.php
  4. 41
      lib/user.class.php
  5. 4
      submit.php
  6. 6
      tpl/user.tpl
  7. 8
      tpl/useredit.tpl
  8. 8
      tpl/userview.tpl
  9. 3
      user.php
  10. 8
      useredit.php
  11. 4
      userview.php

@ -144,6 +144,7 @@ $lang = array(
'lang_user_name' => 'Benutzername', 'lang_user_name' => 'Benutzername',
'lang_user_password' => 'Kennwort', 'lang_user_password' => 'Kennwort',
'lang_user_language' => 'Sprache', 'lang_user_language' => 'Sprache',
'lang_user_realm' => 'Realm',
'lang_zone_add' => 'Zone hinzufügen', 'lang_zone_add' => 'Zone hinzufügen',
'lang_zone_del' => 'Zone löschen', 'lang_zone_del' => 'Zone löschen',

@ -143,6 +143,7 @@ $lang = array(
'lang_user_edit' => 'Mofidy user', 'lang_user_edit' => 'Mofidy user',
'lang_user_name' => 'Username', 'lang_user_name' => 'Username',
'lang_user_password' => 'Password', 'lang_user_password' => 'Password',
'lang_user_realm' => 'Realm',
'lang_zone_add' => 'Add zone', 'lang_zone_add' => 'Add zone',
'lang_zone_del' => 'Delete zone', 'lang_zone_del' => 'Delete zone',

@ -35,7 +35,6 @@
function db_insert($query) { function db_insert($query) {
// run query // run query
echo "<pre>$query</pre>";
$sql = mysqli_query($this->dblink, $query) or die(mysqli_error($this->dblink)); $sql = mysqli_query($this->dblink, $query) or die(mysqli_error($this->dblink));
// return result // return result

@ -30,6 +30,36 @@
} }
} }
function check_ldap_bind($user_name, $user_pass) {
global $config_ldap_host;
global $config_ldap_port;
global $config_ldap_base_dn;
global $config_ldap_bind_dn;
global $config_ldap_bind_pass;
global $config_ldap_login_attr;
$ldap_conn = NULL;
foreach ($config_ldap_host as $server) {
if ($ldap_conn = ldap_connect($server, $config_ldap_port)) {
if ($res = ldap_bind($ldap_conn, $config_ldap_bind_dn, $config_ldap_bind_pass)) {
ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
$filter = "(&(objectClass=user)($config_ldap_login_attr=$user_name))";
$res = ldap_search($ldap_conn, $config_ldap_base_dn, $filter, ['dn']);
if ($res) {
$info = ldap_get_entries($ldap_conn, $res);
$user_dn = $info[0]['dn'];
$res = ldap_bind($ldap_conn, $user_dn, $user_pass);
if ($res) {
return TRUE;
}
}
}
return FALSE;
}
}
return FALSE;
}
function user_login($user_name, $user_pass) { function user_login($user_name, $user_pass) {
global $dblink; global $dblink;
// check user_name length // check user_name length
@ -50,6 +80,7 @@
$query = "SELECT $query = "SELECT
user.user_id, user.user_id,
user.user_pass, user.user_pass,
user.user_realm,
user.user_displayname, user.user_displayname,
user.user_language, user.user_language,
user.user_imagesize, user.user_imagesize,
@ -81,7 +112,14 @@
// any users? // any users?
if ($user_counter>0) { if ($user_counter>0) {
// compare passwords if ($users[0]['user_realm'] == 'ldap') {
// check LDAP auth
if (! $this->check_ldap_bind($user_name, $user_pass)) {
return FALSE;
}
// TODO sync LDAP data to local
} else {
// compare local passwords
if(!strcmp(md5($user_pass), rtrim($users[0]['user_pass']))) { if(!strcmp(md5($user_pass), rtrim($users[0]['user_pass']))) {
// all ok: user is logged in // all ok: user is logged in
@ -95,6 +133,7 @@
return FALSE; return FALSE;
} }
} }
}
} else { } else {
return FALSE; return FALSE;
} }

@ -1000,12 +1000,14 @@ if (isset($_POST['edit'])) {
$user_id = sanitize($_POST['user_id']); $user_id = sanitize($_POST['user_id']);
$user_name = sanitize($_POST['user_name']); $user_name = sanitize($_POST['user_name']);
$user_displayname = sanitize($_POST['user_displayname']); $user_displayname = sanitize($_POST['user_displayname']);
$user_realm = sanitize($_POST['user_realm']);
$query = "UPDATE $query = "UPDATE
user user
SET SET
user_name='" . $user_name . "', user_name='" . $user_name . "',
user_displayname='" . $user_displayname . "' user_displayname='" . $user_displayname . "',
user_realm='" . $user_realm . "'
WHERE WHERE
user_id=" . $user_id; user_id=" . $user_id;

@ -15,6 +15,9 @@
<td class="header"> <td class="header">
{$lang_user_name} {$lang_user_name}
</td> </td>
<td class="header">
{$lang_user_realm}
</td>
<td class="header"> <td class="header">
{$lang_user_displayname} {$lang_user_displayname}
</td> </td>
@ -24,6 +27,9 @@
<td class="label"> <td class="label">
<a href="userview.php?user_id={$user.user_id}">{$user.user_name}</a> <a href="userview.php?user_id={$user.user_id}">{$user.user_name}</a>
</td> </td>
<td class="value">
{$user.user_realm}
</td>
<td class="value"> <td class="value">
{$user.user_displayname} {$user.user_displayname}
</td> </td>

@ -40,6 +40,14 @@
<input type="text" name="user_displayname" value="{$user_displayname}"> <input type="text" name="user_displayname" value="{$user_displayname}">
</td> </td>
</tr> </tr>
<tr>
<td class="label">
{$lang_user_realm}
</td>
<td class="value">
{html_radios name=user_realm values=$realm_ids output=$realm_names selected=$realm_selected}
</td>
</tr>
</table> </table>
</form> </form>

@ -36,4 +36,12 @@
{$user_displayname} {$user_displayname}
</td> </td>
</tr> </tr>
<tr>
<td class="label">
{$lang_user_realm}
</td>
<td class="value">
{$user_realm}
</td>
</tr>
</table> </table>

@ -13,7 +13,8 @@ include("header.php");
$query = "SELECT $query = "SELECT
user_id, user_id,
user_name, user_name,
user_displayname user_displayname,
user_realm
FROM FROM
user user
ORDER BY ORDER BY

@ -15,7 +15,8 @@ include("header.php");
$query = "SELECT $query = "SELECT
user_name, user_name,
user_displayname user_displayname,
user_realm
FROM FROM
user user
WHERE WHERE
@ -27,6 +28,11 @@ $smarty->assign("user_id", $user_id);
$smarty->assign("user_name", $user[0]['user_name']); $smarty->assign("user_name", $user[0]['user_name']);
$smarty->assign("user_displayname", $user[0]['user_displayname']); $smarty->assign("user_displayname", $user[0]['user_displayname']);
// auth realms
$smarty->assign("realm_ids", ['local', 'ldap']);
$smarty->assign("realm_names", ['Local', 'LDAP']);
$smarty->assign("realm_selected", $user[0]['user_realm']);
$smarty->display("useredit.tpl"); $smarty->display("useredit.tpl");
include("footer.php"); include("footer.php");

@ -15,7 +15,8 @@ include("header.php");
$query = "SELECT $query = "SELECT
user_name, user_name,
user_displayname user_displayname,
user_realm
FROM FROM
user user
WHERE WHERE
@ -28,6 +29,7 @@ $user = $db->db_select($query);
$smarty->assign("user_id", $user_id); $smarty->assign("user_id", $user_id);
$smarty->assign("user_name", $user[0]['user_name']); $smarty->assign("user_name", $user[0]['user_name']);
$smarty->assign("user_displayname", $user[0]['user_displayname']); $smarty->assign("user_displayname", $user[0]['user_displayname']);
$smarty->assign("user_realm", $user[0]['user_realm']);
$smarty->display("userview.tpl"); $smarty->display("userview.tpl");