gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-11-26 23:42:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check if hooks return a user object because true also indicates a failed login

Browse Source
This commit is contained in:
Uwe Steinmann 2020-01-07 21:20:16 +01:00
parent 8ae2874367
commit 974ff603e1
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
controllers/class.Login.php
View File

@ -85,30 +85,35 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
} }
/* Deprecated: Run any additional authentication implemented in a hook */ /* Deprecated: Run any additional authentication implemented in a hook */
if(!$user && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) { if(!is_object($user) && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authObj) { foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authObj) {
if(!$user && method_exists($authObj, 'authenticate')) { if(!$user && method_exists($authObj, 'authenticate')) {
$user = $authObj->authenticate($dms, $settings, $login, $pwd); $user = $authObj->authenticate($dms, $settings, $login, $pwd);
if(false === $user) {
if(empty($this->errormsg))
$this->setErrorMsg("authentication_failed");
return false;
}
} }
} }
} }
/* Authenticate against LDAP server {{{ */ /* Authenticate against LDAP server {{{ */
if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) { if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php"); require_once("../inc/inc.ClassLdapAuthentication.php");
$authobj = new SeedDMS_LdapAuthentication($dms, $settings); $authobj = new SeedDMS_LdapAuthentication($dms, $settings);
$user = $authobj->authenticate($login, $pwd); $user = $authobj->authenticate($login, $pwd);
} /* }}} */ } /* }}} */
/* Authenticate against SeedDMS database {{{ */ /* Authenticate against SeedDMS database {{{ */
if(!$user) { if(!is_object($user)) {
require_once("../inc/inc.ClassDbAuthentication.php"); require_once("../inc/inc.ClassDbAuthentication.php");
$authobj = new SeedDMS_DbAuthentication($dms, $settings); $authobj = new SeedDMS_DbAuthentication($dms, $settings);
$user = $authobj->authenticate($login, $pwd); $user = $authobj->authenticate($login, $pwd);
} /* }}} */ } /* }}} */
/* If the user is still not authenticated, then exit with an error */ /* If the user is still not authenticated, then exit with an error */
if(!$user) { if(!is_object($user)) {
$this->callHook('loginFailed'); $this->callHook('loginFailed');
$this->setErrorMsg("login_error_text"); $this->setErrorMsg("login_error_text");
return false; return false;