OpenVPN-Admin/installation/scripts/login.sh

#!/bin/bash
source config.sh
source functions.sh

username=$(echap "$username")
password=$(echap "$password")

if [ "$USELDAP" == 0 ]; then
  # Authentication
  user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)")

  # Check the user
  if [ "$user_pass" == '' ]; then
    echo "$username: bad account."
    exit 1
  fi

  result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }")

  if [ "$result" == "ok" ]; then
    echo "$username: authentication ok."
    exit 0
  else
    echo "$username: authentication failed."
    exit 1
  fi
else
  result=$( ldapsearch -x -h "$SERVER" -D "uid=$username,$CONNECTIONSTR" -w $pasword -b "$CONNECTIONSTR" )
  if [[ $result == *"result: 0 Success"* ]]; then
    #echo "Logged In!"
    exit 0
  else
    #echo "Invalid Creds!"
    exit 1
  fi
fi
Ajout fichiers de conf openvpn 11 years ago			`#!/bin/bash`
Created a LDAP loging option in shell (Still basic) 8 years ago			`source config.sh`
			`source functions.sh`
SECURITY: Avoid simple sql injection when login in openvpn 9 years ago
			`username=$(echap "$username")`
			`password=$(echap "$password")`
Ajout fichiers de conf openvpn 11 years ago
Created a LDAP loging option in shell (Still basic) 8 years ago			`if [ "$USELDAP" == 0 ]; then`
			`# Authentication`
			`user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)")`
Ajout fichiers de conf openvpn 11 years ago
Created a LDAP loging option in shell (Still basic) 8 years ago			`# Check the user`
			`if [ "$user_pass" == '' ]; then`
			`echo "$username: bad account."`
			`exit 1`
			`fi`
Adapt login.sh to the new password hashing with php 10 years ago
Created a LDAP loging option in shell (Still basic) 8 years ago			`result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }")`
Adapt login.sh to the new password hashing with php 10 years ago
Created a LDAP loging option in shell (Still basic) 8 years ago			`if [ "$result" == "ok" ]; then`
			`echo "$username: authentication ok."`
			`exit 0`
			`else`
			`echo "$username: authentication failed."`
			`exit 1`
			`fi`
Adapt login.sh to the new password hashing with php 10 years ago			`else`
Created a LDAP loging option in shell (Still basic) 8 years ago			`result=$( ldapsearch -x -h "$SERVER" -D "uid=$username,$CONNECTIONSTR" -w $pasword -b "$CONNECTIONSTR" )`
			`if [[ $result == "result: 0 Success" ]]; then`
			`#echo "Logged In!"`
			`exit 0`
			`else`
			`#echo "Invalid Creds!"`
			`exit 1`
			`fi`
Adapt login.sh to the new password hashing with php 10 years ago			`fi`