mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-09 15:10:27 +00:00
Fix LDAP password checking issue due to indention level
This commit is contained in:
parent
e4c8f5e100
commit
ea53ae340f
@ -212,7 +212,7 @@ class User(db.Model):
|
||||
LDAP_USER_GROUP = Setting().get('ldap_user_group')
|
||||
LDAP_GROUP_SECURITY_ENABLED = Setting().get('ldap_sg_enabled')
|
||||
|
||||
# validate ldap user password
|
||||
# validate AD user password
|
||||
if Setting().get('ldap_type') == 'ad':
|
||||
ldap_username = "{0}@{1}".format(self.username,Setting().get('ldap_domain'))
|
||||
if not self.ldap_auth(ldap_username, self.password):
|
||||
@ -231,6 +231,13 @@ class User(db.Model):
|
||||
else:
|
||||
try:
|
||||
ldap_username = ldap.filter.escape_filter_chars(ldap_result[0][0][0])
|
||||
|
||||
if Setting().get('ldap_type') != 'ad':
|
||||
# validate ldap user password
|
||||
if not self.ldap_auth(ldap_username, self.password):
|
||||
logging.error('User "{0}" input a wrong LDAP password. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return False
|
||||
|
||||
# check if LDAP_GROUP_SECURITY_ENABLED is True
|
||||
# user can be assigned to ADMIN or USER role.
|
||||
if LDAP_GROUP_SECURITY_ENABLED:
|
||||
@ -277,12 +284,6 @@ class User(db.Model):
|
||||
logging.debug(traceback.format_exc())
|
||||
return False
|
||||
|
||||
if Setting().get('ldap_type') != 'ad':
|
||||
# validate ldap user password
|
||||
if not self.ldap_auth(ldap_username, self.password):
|
||||
logging.error('User "{0}" input a wrong LDAP password. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return False
|
||||
|
||||
except Exception as e:
|
||||
logging.error('Wrong LDAP configuration. {0}'.format(e))
|
||||
logging.debug(traceback.format_exc())
|
||||
|
Loading…
Reference in New Issue
Block a user