[incubator-trafficcontrol] 01/03: correct login status codes and enhance ldap logging

[rob]

This is an automated email from the ASF dual-hosted git repository.

rob pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git

commit dc6fc4507099f69eb31b16ccbc1aa29d66ec6a76
Author: Dylan Volz <dylan_v...@comcast.com>
AuthorDate: Wed May 23 15:03:36 2018 -0600

    correct login status codes and enhance ldap logging
---
 traffic_ops/traffic_ops_golang/auth/ldap.go  | 6 ++++--
 traffic_ops/traffic_ops_golang/auth/login.go | 8 +++++---
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/traffic_ops/traffic_ops_golang/auth/ldap.go 
b/traffic_ops/traffic_ops_golang/auth/ldap.go
index 9f8291c..bb89ace 100644
--- a/traffic_ops/traffic_ops_golang/auth/ldap.go
+++ b/traffic_ops/traffic_ops_golang/auth/ldap.go
@@ -98,8 +98,10 @@ func LookupUserDN(username string, cfg *config.ConfigLDAP) 
(string, bool, error)
                return "", false, err
        }
 
-       if len(sr.Entries) != 1 {
-               return "", false, errors.New("User does not exist or too many 
entries returned")
+       if len(sr.Entries) < 1 {
+               return "", false, errors.New("User does not exist")
+       } else if len(sr.Entries) > 1 {
+               return "", false, errors.New("too many user entries returned")
        }
        userDN := sr.Entries[0].DN
        return userDN, true, nil
diff --git a/traffic_ops/traffic_ops_golang/auth/login.go 
b/traffic_ops/traffic_ops_golang/auth/login.go
index 6021593..ecc95bf 100644
--- a/traffic_ops/traffic_ops_golang/auth/login.go
+++ b/traffic_ops/traffic_ops_golang/auth/login.go
@@ -47,6 +47,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) 
http.HandlerFunc {
        return func(w http.ResponseWriter, r *http.Request) {
                handleErrs := tc.GetHandleErrorsFunc(w, r)
                defer r.Body.Close()
+               authenticated := false
                form := passwordForm{}
                if err := json.NewDecoder(r.Body).Decode(&form); err != nil {
                        handleErrs(http.StatusBadRequest, err)
@@ -60,7 +61,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) 
http.HandlerFunc {
                        log.Errorf("error checking local user: %s\n", 
err.Error())
                }
                if userAllowed {
-                       authenticated, err := checkLocalUserPassword(form, db)
+                       authenticated, err = checkLocalUserPassword(form, db)
                        if err != nil {
                                log.Errorf("error checking local user password: 
%s\n", err.Error())
                        }
@@ -81,7 +82,6 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) 
http.HandlerFunc {
                                resp = struct {
                                        tc.Alerts
                                }{tc.CreateAlerts(tc.SuccessLevel, 
"Successfully logged in.")}
-
                        } else {
                                resp = struct {
                                        tc.Alerts
@@ -97,8 +97,10 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) 
http.HandlerFunc {
                        handleErrs(http.StatusInternalServerError, err)
                        return
                }
-
                w.Header().Set(tc.ContentType, tc.ApplicationJson)
+               if !authenticated {
+                       w.WriteHeader(http.StatusUnauthorized)
+               }
                fmt.Fprintf(w, "%s", respBts)
        }
 }

-- 
To stop receiving notification emails like this one, please contact
r...@apache.org.