Created a LDAP loging option in shell (Still basic)

8 years ago · 294486e779
5 changed files with 48 additions and 15 deletions
--- a/include/functions.php
+++ b/include/functions.php
@ -51,12 +51,20 @@ function loginLDAP($serverFQDN, $username, $password)
  //check if user exists  if works return true if not return false
  if ($bind = ldap_bind($ldap, $username, $password))
  {
+    //return true when login is OK.
    return true;
  }
  else
  {
+    //return false when login is NOK
    return false;
  }
 }

+//get all LDAP users and place them inside a database.
+function getLDAPUsers()
+{
+
+}
+
 ?>
--- a/installation/scripts/config.sh
+++ b/installation/scripts/config.sh
@ -1,5 +1,13 @@
 #!/bin/bash

+#use LDAP set to 1
+USELDAP=1
+
+#LDAP credentials
+SERVER='ldap.forumsys.com'
+#put your own DC info here
+CONNECTIONSTR='dc=example,dc=com'
+
 # MySQL credentials
 HOST='localhost'
 PORT='3306'
--- a/installation/scripts/functions.sh
+++ b/installation/scripts/functions.sh
--- a/installation/scripts/login.sh
+++ b/installation/scripts/login.sh
@ -1,25 +1,36 @@
 #!/bin/bash
-. /etc/openvpn/scripts/config.sh
-. /etc/openvpn/scripts/functions.sh
+source config.sh
+source functions.sh

 username=$(echap "$username")
 password=$(echap "$password")

-# Authentication
-user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)")
+if [ "$USELDAP" == 0 ]; then
+  # Authentication
+  user_pass=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "SELECT user_pass FROM user WHERE user_id = '$username' AND user_enable=1 AND (TO_DAYS(now()) >= TO_DAYS(user_start_date) OR user_start_date IS NULL) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date IS NULL)")

-# Check the user
-if [ "$user_pass" == '' ]; then
-  echo "$username: bad account."
-  exit 1
-fi
+  # Check the user
+  if [ "$user_pass" == '' ]; then
+    echo "$username: bad account."
+    exit 1
+  fi

-result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }")
+  result=$(php -r "if(password_verify('$password', '$user_pass') == true) { echo 'ok'; } else { echo 'ko'; }")

-if [ "$result" == "ok" ]; then
-  echo "$username: authentication ok."
-  exit 0
+  if [ "$result" == "ok" ]; then
+    echo "$username: authentication ok."
+    exit 0
+  else
+    echo "$username: authentication failed."
+    exit 1
+  fi
 else
-  echo "$username: authentication failed."
-  exit 1
+  result=$( ldapsearch -x -h "$SERVER" -D "uid=$username,$CONNECTIONSTR" -w $pasword -b "$CONNECTIONSTR" )
+  if [[ $result == *"result: 0 Success"* ]]; then
+    #echo "Logged In!"
+    exit 0
+  else
+    #echo "Invalid Creds!"
+    exit 1
+  fi
 fi
--- a/sql/schema-0.sql
+++ b/sql/schema-0.sql
@ -33,3 +33,9 @@ CREATE TABLE IF NOT EXISTS `user` (
  PRIMARY KEY (`user_id`),
  KEY `user_pass` (`user_pass`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+
+CREATE TABLE IF NOT EXISTS `uLDAP` (
+  `user_id` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
+  `user_online` tinyint(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`user_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;