Added LDAP auth

master
Thomas Hooge 2 years ago
parent 7d6450706f
commit b144555e46
  1. 1
      lang/de.php
  2. 1
      lang/en.php
  3. 1
      lib/db.class.php
  4. 41
      lib/user.class.php
  5. 4
      submit.php
  6. 6
      tpl/user.tpl
  7. 8
      tpl/useredit.tpl
  8. 8
      tpl/userview.tpl
  9. 3
      user.php
  10. 8
      useredit.php
  11. 4
      userview.php

@ -144,6 +144,7 @@ $lang = array(
'lang_user_name' => 'Benutzername',
'lang_user_password' => 'Kennwort',
'lang_user_language' => 'Sprache',
'lang_user_realm' => 'Realm',
'lang_zone_add' => 'Zone hinzufügen',
'lang_zone_del' => 'Zone löschen',

@ -143,6 +143,7 @@ $lang = array(
'lang_user_edit' => 'Mofidy user',
'lang_user_name' => 'Username',
'lang_user_password' => 'Password',
'lang_user_realm' => 'Realm',
'lang_zone_add' => 'Add zone',
'lang_zone_del' => 'Delete zone',

@ -35,7 +35,6 @@
function db_insert($query) {
// run query
echo "<pre>$query</pre>";
$sql = mysqli_query($this->dblink, $query) or die(mysqli_error($this->dblink));
// return result

@ -30,6 +30,36 @@
}
}
function check_ldap_bind($user_name, $user_pass) {
global $config_ldap_host;
global $config_ldap_port;
global $config_ldap_base_dn;
global $config_ldap_bind_dn;
global $config_ldap_bind_pass;
global $config_ldap_login_attr;
$ldap_conn = NULL;
foreach ($config_ldap_host as $server) {
if ($ldap_conn = ldap_connect($server, $config_ldap_port)) {
if ($res = ldap_bind($ldap_conn, $config_ldap_bind_dn, $config_ldap_bind_pass)) {
ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
$filter = "(&(objectClass=user)($config_ldap_login_attr=$user_name))";
$res = ldap_search($ldap_conn, $config_ldap_base_dn, $filter, ['dn']);
if ($res) {
$info = ldap_get_entries($ldap_conn, $res);
$user_dn = $info[0]['dn'];
$res = ldap_bind($ldap_conn, $user_dn, $user_pass);
if ($res) {
return TRUE;
}
}
}
return FALSE;
}
}
return FALSE;
}
function user_login($user_name, $user_pass) {
global $dblink;
// check user_name length
@ -50,6 +80,7 @@
$query = "SELECT
user.user_id,
user.user_pass,
user.user_realm,
user.user_displayname,
user.user_language,
user.user_imagesize,
@ -81,7 +112,14 @@
// any users?
if ($user_counter>0) {
// compare passwords
if ($users[0]['user_realm'] == 'ldap') {
// check LDAP auth
if (! $this->check_ldap_bind($user_name, $user_pass)) {
return FALSE;
}
// TODO sync LDAP data to local
} else {
// compare local passwords
if(!strcmp(md5($user_pass), rtrim($users[0]['user_pass']))) {
// all ok: user is logged in
@ -95,6 +133,7 @@
return FALSE;
}
}
}
} else {
return FALSE;
}

@ -1000,12 +1000,14 @@ if (isset($_POST['edit'])) {
$user_id = sanitize($_POST['user_id']);
$user_name = sanitize($_POST['user_name']);
$user_displayname = sanitize($_POST['user_displayname']);
$user_realm = sanitize($_POST['user_realm']);
$query = "UPDATE
user
SET
user_name='" . $user_name . "',
user_displayname='" . $user_displayname . "'
user_displayname='" . $user_displayname . "',
user_realm='" . $user_realm . "'
WHERE
user_id=" . $user_id;

@ -15,6 +15,9 @@
<td class="header">
{$lang_user_name}
</td>
<td class="header">
{$lang_user_realm}
</td>
<td class="header">
{$lang_user_displayname}
</td>
@ -24,6 +27,9 @@
<td class="label">
<a href="userview.php?user_id={$user.user_id}">{$user.user_name}</a>
</td>
<td class="value">
{$user.user_realm}
</td>
<td class="value">
{$user.user_displayname}
</td>

@ -40,6 +40,14 @@
<input type="text" name="user_displayname" value="{$user_displayname}">
</td>
</tr>
<tr>
<td class="label">
{$lang_user_realm}
</td>
<td class="value">
{html_radios name=user_realm values=$realm_ids output=$realm_names selected=$realm_selected}
</td>
</tr>
</table>
</form>

@ -36,4 +36,12 @@
{$user_displayname}
</td>
</tr>
<tr>
<td class="label">
{$lang_user_realm}
</td>
<td class="value">
{$user_realm}
</td>
</tr>
</table>

@ -13,7 +13,8 @@ include("header.php");
$query = "SELECT
user_id,
user_name,
user_displayname
user_displayname,
user_realm
FROM
user
ORDER BY

@ -15,7 +15,8 @@ include("header.php");
$query = "SELECT
user_name,
user_displayname
user_displayname,
user_realm
FROM
user
WHERE
@ -27,6 +28,11 @@ $smarty->assign("user_id", $user_id);
$smarty->assign("user_name", $user[0]['user_name']);
$smarty->assign("user_displayname", $user[0]['user_displayname']);
// auth realms
$smarty->assign("realm_ids", ['local', 'ldap']);
$smarty->assign("realm_names", ['Local', 'LDAP']);
$smarty->assign("realm_selected", $user[0]['user_realm']);
$smarty->display("useredit.tpl");
include("footer.php");

@ -15,7 +15,8 @@ include("header.php");
$query = "SELECT
user_name,
user_displayname
user_displayname,
user_realm
FROM
user
WHERE
@ -28,6 +29,7 @@ $user = $db->db_select($query);
$smarty->assign("user_id", $user_id);
$smarty->assign("user_name", $user[0]['user_name']);
$smarty->assign("user_displayname", $user[0]['user_displayname']);
$smarty->assign("user_realm", $user[0]['user_realm']);
$smarty->display("userview.tpl");