1
0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2024-12-23 02:04:46 +02:00

[Web] use cn as fallback ldap login

This commit is contained in:
FreddleSpl0it 2024-08-13 12:14:05 +02:00
parent 519d95cb8b
commit 58a5a4578c
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5

View File

@ -498,7 +498,7 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
$ldap_query = $ldap_query->rawFilter($iam_settings['filter']); $ldap_query = $ldap_query->rawFilter($iam_settings['filter']);
} }
$ldap_query = $ldap_query->where($iam_settings['username_field'], '=', $user) $ldap_query = $ldap_query->where($iam_settings['username_field'], '=', $user)
->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname']); ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname', 'cn']);
$user_res = $ldap_query->firstOrFail(); $user_res = $ldap_query->firstOrFail();
} catch (Exception $e) { } catch (Exception $e) {
@ -513,12 +513,15 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
} }
try { try {
if (!$iam_provider->auth()->attempt($user_res['distinguishedname'][0], $pass)) { if (!$iam_provider->auth()->attempt($user_res['distinguishedname'][0], $pass)) {
$_SESSION['return'][] = array( // fallback to cn
'type' => 'danger', if (!$iam_provider->auth()->attempt($user_res['cn'][0], $pass)) {
'log' => array(__FUNCTION__, $user, '*', $user_res), $_SESSION['return'][] = array(
'msg' => 'ldap_auth_failed' 'type' => 'danger',
); 'log' => array(__FUNCTION__, $user, '*', $user_res),
return false; 'msg' => 'ldap_auth_failed'
);
return false;
}
} }
} catch (Exception $e) { } catch (Exception $e) {
// clear $_SESSION['return'] to not leak data // clear $_SESSION['return'] to not leak data