@ -461,7 +461,7 @@ var (
// LoginViaLDAP queries if login/password is valid against the LDAP directory pool,
// and create a local user if success when enabled.
func LoginViaLDAP ( user * User , login , password string , source * LoginSource , autoRegister bool ) ( * User , error ) {
func LoginViaLDAP ( user * User , login , password string , source * LoginSource ) ( * User , error ) {
sr := source . Cfg . ( * LDAPConfig ) . SearchEntry ( login , password , source . Type == LoginDLDAP )
if sr == nil {
// User not in LDAP, do nothing
@ -491,7 +491,7 @@ func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoR
}
}
if ! a utoRegi st er {
if user != nil {
if isAttributeSSHPublicKeySet && synchronizeLdapSSHPublicKeys ( user , source , sr . SSHPublicKey ) {
return user , RewriteAllPublicKeys ( )
}
@ -602,7 +602,7 @@ func SMTPAuth(a smtp.Auth, cfg *SMTPConfig) error {
// LoginViaSMTP queries if login/password is valid against the SMTP,
// and create a local user if success when enabled.
func LoginViaSMTP ( user * User , login , password string , sourceID int64 , cfg * SMTPConfig , autoRegister bool ) ( * User , error ) {
func LoginViaSMTP ( user * User , login , password string , sourceID int64 , cfg * SMTPConfig ) ( * User , error ) {
// Verify allowed domains.
if len ( cfg . AllowedDomains ) > 0 {
idx := strings . Index ( login , "@" )
@ -633,7 +633,7 @@ func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPC
return nil , err
}
if ! a utoRegi st er {
if user != nil {
return user , nil
}
@ -665,7 +665,7 @@ func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPC
// LoginViaPAM queries if login/password is valid against the PAM,
// and create a local user if success when enabled.
func LoginViaPAM ( user * User , login , password string , sourceID int64 , cfg * PAMConfig , autoRegister bool ) ( * User , error ) {
func LoginViaPAM ( user * User , login , password string , sourceID int64 , cfg * PAMConfig ) ( * User , error ) {
if err := pam . Auth ( cfg . ServiceName , login , password ) ; err != nil {
if strings . Contains ( err . Error ( ) , "Authentication failure" ) {
return nil , ErrUserNotExist { 0 , login , 0 }
@ -673,7 +673,7 @@ func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMCon
return nil , err
}
if ! a utoRegi st er {
if user != nil {
return user , nil
}
@ -691,7 +691,7 @@ func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMCon
}
// ExternalUserLogin attempts a login using external source types.
func ExternalUserLogin ( user * User , login , password string , source * LoginSource , autoRegister bool ) ( * User , error ) {
func ExternalUserLogin ( user * User , login , password string , source * LoginSource ) ( * User , error ) {
if ! source . IsActived {
return nil , ErrLoginSourceNotActived
}
@ -699,11 +699,11 @@ func ExternalUserLogin(user *User, login, password string, source *LoginSource,
var err error
switch source . Type {
case LoginLDAP , LoginDLDAP :
user , err = LoginViaLDAP ( user , login , password , source , autoRegister )
user , err = LoginViaLDAP ( user , login , password , source )
case LoginSMTP :
user , err = LoginViaSMTP ( user , login , password , source . ID , source . Cfg . ( * SMTPConfig ) , autoRegister )
user , err = LoginViaSMTP ( user , login , password , source . ID , source . Cfg . ( * SMTPConfig ) )
case LoginPAM :
user , err = LoginViaPAM ( user , login , password , source . ID , source . Cfg . ( * PAMConfig ) , autoRegister )
user , err = LoginViaPAM ( user , login , password , source . ID , source . Cfg . ( * PAMConfig ) )
default :
return nil , ErrUnsupportedLoginType
}
@ -783,7 +783,7 @@ func UserSignIn(username, password string) (*User, error) {
return nil , ErrLoginSourceNotExist { user . LoginSource }
}
return ExternalUserLogin ( user , user . LoginName , password , & source , false )
return ExternalUserLogin ( user , user . LoginName , password , & source )
}
}
@ -797,7 +797,7 @@ func UserSignIn(username, password string) (*User, error) {
// don't try to authenticate against OAuth2 and SSPI sources here
continue
}
authUser , err := ExternalUserLogin ( nil , username , password , source , true )
authUser , err := ExternalUserLogin ( nil , username , password , source )
if err == nil {
return authUser , nil
}