bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-11-07 23:31:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

check local auth first, then remote auth methods, eg. imap, pop3, ...

Browse Source 
Signed-off-by: Janos SUTO <sj@acts.hu>
This commit is contained in:
Janos SUTO 2018-05-13 08:53:16 +02:00
parent d975966a7a
commit 2331cd7546
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
webui/model/user/auth.php
View File

@ -20,7 +20,6 @@ class ModelUserAuth extends Model {
public function checkLogin($username = '', $password = '') {
$session = Registry::get('session');
$ok = 0;
$imap_server = array();
@ -37,13 +36,20 @@ class ModelUserAuth extends Model {
$data['emails'] = array();
$data['folders'] = array();
if($username == '' || $password == '') { return 0; }
if($username == '' || $password == '') { return $ok; }
if(CUSTOM_PRE_AUTH_FUNCTION && function_exists(CUSTOM_PRE_AUTH_FUNCTION)) {
call_user_func(CUSTOM_PRE_AUTH_FUNCTION, $username);
}
// Check the fallback login first to prevent sending local account
// data (admin@local or auditor@local passwords) to remote imap, etc. servers.
$ok = $this->checkFallbackLogin($username, $password, $data);
if($ok == 1) { return $ok; }
if(ENABLE_LDAP_AUTH == 1) {
$ok = $this->checkLoginAgainstLDAP($username, $password, $data);
if($ok == 1) {
@ -86,7 +92,14 @@ class ModelUserAuth extends Model {
}
}
// fallback local auth
return $ok;
}
// fallback local auth
private function checkFallbackLogin(username = '', $password = '', $data = array()) {
$session = Registry::get('session');
$query = $this->db->query("SELECT u.username, u.uid, u.realname, u.dn, u.password, u.isadmin, u.domain FROM " . TABLE_USER . " u, " . TABLE_EMAIL . " e WHERE e.email=? AND e.uid=u.uid", array($username));