| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 |
- package ldapauth
- import (
- "errors"
- "fmt"
- "net/url"
- "github.com/go-ldap/ldap"
- "github.com/grafana/grafana/pkg/log"
- "github.com/grafana/grafana/pkg/setting"
- )
- var (
- ErrInvalidCredentials = errors.New("Invalid Username or Password")
- )
- func Login(username, password string) error {
- url, err := url.Parse(setting.LdapHosts[0])
- if err != nil {
- return err
- }
- log.Info("Host: %v", url.Host)
- conn, err := ldap.Dial("tcp", url.Host)
- if err != nil {
- return err
- }
- defer conn.Close()
- bindFormat := "cn=%s,dc=grafana,dc=org"
- nx := fmt.Sprintf(bindFormat, username)
- err = conn.Bind(nx, password)
- if err != nil {
- if ldapErr, ok := err.(*ldap.Error); ok {
- if ldapErr.ResultCode == 49 {
- return ErrInvalidCredentials
- }
- }
- return err
- }
- return nil
- // search := ldap.NewSearchRequest(url.Path,
- // ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
- // fmt.Sprintf(ls.Filter, name),
- // []string{ls.AttributeUsername, ls.AttributeName, ls.AttributeSurname, ls.AttributeMail},
- // nil)
- // sr, err := l.Search(search)
- // if err != nil {
- // log.Debug("LDAP Authen OK but not in filter %s", name)
- // return "", "", "", "", false
- // }
- }
|
