AY's Macbook Pro преди 3 години
родител
ревизия
5da1286eea
променени са 2 файла, в които са добавени 53 реда и са изтрити 8 реда
  1. 44 6
      mod/auth/ldap/ldap.go
  2. 9 2
      mod/auth/ldap/ldapreader/reader.go

+ 44 - 6
mod/auth/ldap/ldap.go

@@ -299,7 +299,7 @@ func (ldap *ldapHandler) HandleLoginPage(w http.ResponseWriter, r *http.Request)
 		"redirection_addr": red,
 		"usercount":        strconv.Itoa(ldap.ag.GetUserCounts()),
 		"service_logo":     imageBase64,
-		"login_addr":       "system/ldap/auth/login",
+		"login_addr":       "system/auth/ldap/login",
 	})
 	if err != nil {
 		panic("Error. Unable to parse login page. Is web directory data exists?")
@@ -309,18 +309,56 @@ func (ldap *ldapHandler) HandleLoginPage(w http.ResponseWriter, r *http.Request)
 }
 
 func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
+	//Get username from request using POST mode
 	username, err := common.Mv(r, "username", true)
 	if err != nil {
-		common.SendErrorResponse(w, err.Error())
+		//Username not defined
+		log.Println("[System Auth] Someone trying to login with username: " + username)
+		//Write to log
+		ldap.ag.Logger.LogAuth(r, false)
+		common.SendErrorResponse(w, "Username not defined or empty.")
 		return
 	}
+
+	//Get password from request using POST mode
 	password, err := common.Mv(r, "password", true)
 	if err != nil {
-		common.SendErrorResponse(w, err.Error())
+		//Password not defined
+		ldap.ag.Logger.LogAuth(r, false)
+		common.SendErrorResponse(w, "Password not defined or empty.")
 		return
 	}
-	loginInfo, err := ldap.ldapreader.Authenticate(username, password)
-	//authencate successful
-	//common
 
+	//Get rememberme settings
+	rememberme := false
+	rmbme, _ := common.Mv(r, "rmbme", true)
+	if rmbme == "true" {
+		rememberme = true
+	}
+
+	//Check the database and see if this user is in the database
+	passwordCorrect, err := ldap.ldapreader.Authenticate(username, password)
+	if err != nil {
+		//Password not defined
+		ldap.ag.Logger.LogAuth(r, false)
+		common.SendErrorResponse(w, "Unable to connect to LDAP server")
+		log.Println("LDAP Authentication error, " + err.Error())
+		return
+	}
+	//The database contain this user information. Check its password if it is correct
+	if passwordCorrect {
+		//Password correct
+		// Set user as authenticated
+		ldap.ag.LoginUserByRequest(w, r, username, rememberme)
+		//Print the login message to console
+		log.Println(username + " logged in.")
+		ldap.ag.Logger.LogAuth(r, true)
+		common.SendOK(w)
+	} else {
+		//Password incorrect
+		log.Println(username + " has entered an invalid username or password")
+		common.SendErrorResponse(w, "Invalid username or password")
+		ldap.ag.Logger.LogAuth(r, false)
+		return
+	}
 }
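Review bot: The log line added after the failed username lookup prints `username`, which on that path is the value `common.Mv` returned alongside its error and is presumably empty, so the message records nothing useful; dropping it, or at least quoting the value, would make the entry honest. The same applies to the two success/failure lines lower in the hunk, where a request-controlled username is concatenated straight into the log text and a newline in it would split the entry: `log.Printf("%q logged in.", username)` and `log.Printf("%q has entered an invalid username or password", username)`. The comment above the Authenticate error branch, `//Password not defined`, is a copy-paste from the block above it and should read `//LDAP lookup failed (connection or bind error)`; note that this branch also reports every non-nil error from Authenticate as "Unable to connect to LDAP server", so what Authenticate swallows versus returns decides what the client sees.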

+ 9 - 2
mod/auth/ldap/ldapreader/reader.go

@@ -2,6 +2,7 @@ package ldapreader
 
 import (
 	"fmt"
+	"strings"
 
 	"github.com/go-ldap/ldap"
 )
@@ -42,8 +43,14 @@ func (handler *LdapReader) GetAllUser() ([]*ldap.Entry, error) {
 }
 
 func (handler *LdapReader) Authenticate(username string, password string) (bool, error) {
-	userInformation, err := handler.retrieveInformation("uid="+username+","+handler.basedn, "(objectClass=*)", ldap.ScopeBaseObject, handler.username, handler.password)
+	userInformation, err := handler.retrieveInformation("uid="+username+","+handler.basedn, "(objectClass=*)", ldap.ScopeBaseObject, "uid="+username+","+handler.basedn, password)
 	if err != nil {
+		if strings.Contains(err.Error(), "LDAP Result Code 32") {
+			return false, nil
+		}
+		if strings.Contains(err.Error(), "LDAP Result Code 53") {
+			return false, nil
+		}
 		return false, err
 	}
 	if len(userInformation) > 0 {
@@ -70,7 +77,7 @@ func (handler *LdapReader) retrieveInformation(dn string, filter string, typeOfS
 		0,
 		false,
 		filter,
-		[]string{"uid", "memberOf"},
+		[]string{"uid", "memberOf", "cn", "sAMAccountName"},
 		nil,
 	)
 	result, err := ldapURL.Search(searchReq)
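Review bot: In the Authenticate hunk the request-controlled `username` is concatenated unescaped into both the search base and the bind DN (`"uid="+username+","+handler.basedn`), so a value containing `,`, `=` or other RFC 4514 special characters changes which entry is addressed; the name should be validated or escaped before the DN is built (use a DN escaping helper if the vendored go-ldap provides one, otherwise reject such characters). The error classification by `strings.Contains(err.Error(), "LDAP Result Code 32")` is brittle; go-ldap exposes `ldap.IsErrorWithCode` with the `ldap.LDAPResult*` constants for exactly this. Presumably a wrong password surfaces as result code 49 (invalid credentials), which neither check catches, so it falls through to `return false, err` and the caller reports it as a server error while an unknown user gets "Invalid username or password" — two distinguishable responses that reveal which usernames exist; treating 49 like 32 and 53 closes that gap. Authenticate's body continues past the end of the hunk.
```go
func (handler *LdapReader) Authenticate(username string, password string) (bool, error) {
	// Reject DN special characters (RFC 4514) so the name cannot alter the DN.
	if username == "" || strings.ContainsAny(username, ",+\"\\<>;=#") {
		return false, nil
	}
	userDN := "uid=" + username + "," + handler.basedn
	userInformation, err := handler.retrieveInformation(userDN, "(objectClass=*)", ldap.ScopeBaseObject, userDN, password)
	if err != nil {
		// Unknown user, refused bind and bad password all map to "not authenticated"
		// so the caller cannot tell the three cases apart.
		if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) ||
			ldap.IsErrorWithCode(err, ldap.LDAPResultUnwillingToPerform) ||
			ldap.IsErrorWithCode(err, ldap.LDAPResultInvalidCredentials) {
			return false, nil
		}
		return false, err
	}
	// … unchanged: userInformation handling …
```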