Commit c2981920 authored by Leonard Techel's avatar Leonard Techel
Browse files

LDAP: replace all %s within the search string

Now it is possible to login with either the uid or email. See an example
query inside app.json.example
parent bbd9c385
......@@ -2,8 +2,10 @@ package authprovider
import (
"fmt"
"github.com/go-ldap/ldap"
"regexp"
"strings"
"github.com/go-ldap/ldap"
)
type LdapProviderConfig struct {
......@@ -39,8 +41,8 @@ func (lp *LdapProvider) getUserByUID(conn *ldap.Conn, uid string) (entry *ldap.E
q := ldap.NewSearchRequest(
lp.cfg.Base,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
fmt.Sprintf(lp.cfg.Filter, ldap.EscapeFilter(uid)),
[]string{"dn", "displayName", "mail", "preferredLanguage"},
strings.Replace(lp.cfg.Filter, "%s", ldap.EscapeFilter(uid), -1),
[]string{"dn", "uid", "displayName", "mail", "preferredLanguage"},
nil,
)
......
......@@ -4,7 +4,7 @@
"ldap": {
"host": "127.0.0.1:389",
"base": "dc=example,dc=org",
"filter": "(&(objectClass=organizationalPerson)(uid=%s))",
"filter": "(&(objectClass=organizationalPerson)(|(uid=%s)(mail=%s)))",
"root_user": "cn=root,dc=example,dc=org",
"root_pass": "changeme"
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment