From 294486e779d6f8a160d4f36a6edbc89dddb54e0f Mon Sep 17 00:00:00 2001 From: dries peeters Date: Wed, 11 Jan 2017 17:19:32 +0100 Subject: [PATCH] Created a LDAP loging option in shell (Still basic) --- include/functions.php | 8 ++++++ installation/scripts/config.sh | 8 ++++++ installation/scripts/functions.sh | 0 installation/scripts/login.sh | 41 ++++++++++++++++++++----------- sql/schema-0.sql | 6 +++++ 5 files changed, 48 insertions(+), 15 deletions(-) mode change 100644 => 100755 installation/scripts/config.sh mode change 100644 => 100755 installation/scripts/functions.sh mode change 100644 => 100755 installation/scripts/login.sh diff --git a/include/functions.php b/include/functions.php index c452866..143417b 100644 --- a/include/functions.php +++ b/include/functions.php @@ -51,12 +51,20 @@ function loginLDAP($serverFQDN, $username, $password) //check if user exists if works return true if not return false if ($bind = ldap_bind($ldap, $username, $password)) { + //return true when login is OK. return true; } else { + //return false when login is NOK return false; } } +//get all LDAP users and place them inside a database. +function getLDAPUsers() +{ + +} + ?> diff --git a/installation/scripts/config.sh b/installation/scripts/config.sh old mode 100644 new mode 100755 index d2ee840..31254c6 --- a/installation/scripts/config.sh +++ b/installation/scripts/config.sh @@ -1,5 +1,13 @@ #!/bin/bash +#use LDAP set to 1 +USELDAP=1 + +#LDAP credentials +SERVER='ldap.forumsys.com' +#put your own DC info here +CONNECTIONSTR='dc=example,dc=com' + # MySQL credentials HOST='localhost' PORT='3306' diff --git a/installation/scripts/functions.sh b/installation/scripts/functions.sh old mode 100644 new mode 100755 diff --git a/installation/scripts/login.sh b/installation/scripts/login.sh old mode 100644 new mode 100755 index baa18c4..67e90d6 --- a/installation/scripts/login.sh +++ b/installation/scripts/login.sh 
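Review bot: `loginLDAP` returns whatever `ldap_bind($ldap, $username, $password)` returns, and the comments added here document that as the login result, but a bind with an empty password is an anonymous/unauthenticated bind that many directories answer with success. The start of the function is outside this hunk, so an earlier check may already exist; if not, add `if ($password === '') { return false; }` before the bind. The new `getLDAPUsers()` is an empty stub: either leave it out until it is implemented or give it a docblock stating what it will write and to which table.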
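Review bot: The defaults added to config.sh turn LDAP on (`USELDAP=1`) and point `SERVER` at `ldap.forumsys.com`, a host outside the deployment's control, so an install that keeps the shipped config would decide VPN logins by what that external directory answers. Shipping `USELDAP=0` with `SERVER=''` and a comment that the operator must set both would make LDAP opt-in. The same commit changes this file, which also holds the MySQL credentials, to mode 100755; a file that is only sourced does not need the execute bit, and its read permissions are worth restricting at install time.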
@@ -1,25 +1,36 @@ #!/bin/bash -. /etc/openvpn/scripts/config.sh -. /etc/openvpn/scripts/functions.sh +source config.sh +source functions.sh username=$(echap "$username") password=$(echap "$password") -# Authentication -user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)") +if [ "$USELDAP" == 0 ]; then + # Authentication + user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)") -# Check the user -if [ "$user_pass" == '' ]; then - echo "$username: bad account." - exit 1 -fi + # Check the user + if [ "$user_pass" == '' ]; then + echo "$username: bad account." + exit 1 + fi -result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }") + result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }") -if [ "$result" == "ok" ]; then - echo "$username: authentication ok." - exit 0 + if [ "$result" == "ok" ]; then + echo "$username: authentication ok." + exit 0 + else + echo "$username: authentication failed." + exit 1 + fi else - echo "$username: authentication failed." - exit 1 + result=$( ldapsearch -x -h "$SERVER" -D "uid=$username,$CONNECTIONSTR" -w $pasword -b "$CONNECTIONSTR" ) + if [[ $result == *"result: 0 Success"* ]]; then + #echo "Logged In!" + exit 0 + else + #echo "Invalid Creds!" + exit 1 + fi fi diff --git a/sql/schema-0.sql b/sql/schema-0.sql index d64aae5..8bc7188 100644 --- a/sql/schema-0.sql +++ b/sql/schema-0.sql 
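Review bot: The LDAP bind in the new `else` branch passes `-w $pasword`, a misspelled and unquoted variable, so the user's password never reaches ldapsearch and `-w` takes the following `-b` as its argument instead. Fixing the spelling alone is not enough: an empty password with a bind DN is an unauthenticated bind that some directories answer with success, `-w` exposes the password in the process list, `-x -h` speaks cleartext LDAP, and `$username` goes into the bind DN after only whatever `echap` does (functions.sh is not shown, so whether it escapes DN metacharacters is unknown). The relative `source config.sh` also makes the script load its configuration from whatever directory OpenVPN runs it in, which the removed absolute paths avoided. The sketch below rejects empty passwords, binds over StartTLS with the password read from a temp file, and decides on the exit status rather than on matching `result: 0 Success` in the output.

```shell
source /etc/openvpn/scripts/config.sh
source /etc/openvpn/scripts/functions.sh
# … unchanged: echap calls and the USELDAP == 0 MySQL branch …
else
    # An empty password would turn this into an unauthenticated bind.
    [ -n "$password" ] || exit 1
    pwfile=$(mktemp) || exit 1
    trap 'rm -f "$pwfile"' EXIT
    printf '%s' "$password" > "$pwfile"
    # -ZZ requires StartTLS; -y reads the password from a file instead of argv.
    if ldapwhoami -x -ZZ -H "ldap://$SERVER" -D "uid=$username,$CONNECTIONSTR" -y "$pwfile" >/dev/null 2>&1; then
        exit 0
    else
        exit 1
    fi
fi
```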
@@ -33,3 +33,9 @@ CREATE TABLE IF NOT EXISTS `user` (
 PRIMARY KEY (`user_id`),
 KEY `user_pass` (`user_pass`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+
+CREATE TABLE IF NOT EXISTS `uLDAP` (
+ `user_id` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
+ `user_online` tinyint(1) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`user_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;