This is an automated email from the ASF dual-hosted git repository. rob pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git
commit dc6fc4507099f69eb31b16ccbc1aa29d66ec6a76 Author: Dylan Volz <dylan_v...@comcast.com> AuthorDate: Wed May 23 15:03:36 2018 -0600 correct login status codes and enhance ldap logging --- traffic_ops/traffic_ops_golang/auth/ldap.go | 6 ++++-- traffic_ops/traffic_ops_golang/auth/login.go | 8 +++++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/traffic_ops/traffic_ops_golang/auth/ldap.go b/traffic_ops/traffic_ops_golang/auth/ldap.go index 9f8291c..bb89ace 100644 --- a/traffic_ops/traffic_ops_golang/auth/ldap.go +++ b/traffic_ops/traffic_ops_golang/auth/ldap.go @@ -98,8 +98,10 @@ func LookupUserDN(username string, cfg *config.ConfigLDAP) (string, bool, error) return "", false, err } - if len(sr.Entries) != 1 { - return "", false, errors.New("User does not exist or too many entries returned") + if len(sr.Entries) < 1 { + return "", false, errors.New("User does not exist") + } else if len(sr.Entries) > 1 { + return "", false, errors.New("too many user entries returned") } userDN := sr.Entries[0].DN return userDN, true, nil diff --git a/traffic_ops/traffic_ops_golang/auth/login.go b/traffic_ops/traffic_ops_golang/auth/login.go index 6021593..ecc95bf 100644 --- a/traffic_ops/traffic_ops_golang/auth/login.go +++ b/traffic_ops/traffic_ops_golang/auth/login.go @@ -47,6 +47,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { handleErrs := tc.GetHandleErrorsFunc(w, r) defer r.Body.Close() + authenticated := false form := passwordForm{} if err := json.NewDecoder(r.Body).Decode(&form); err != nil { handleErrs(http.StatusBadRequest, err) @@ -60,7 +61,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc { log.Errorf("error checking local user: %s\n", err.Error()) } if userAllowed { - authenticated, err := checkLocalUserPassword(form, db) + authenticated, err = checkLocalUserPassword(form, db) if err != nil { log.Errorf("error checking local user password: %s\n", err.Error()) } @@ -81,7 +82,6 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc { resp = struct { tc.Alerts }{tc.CreateAlerts(tc.SuccessLevel, "Successfully logged in.")} - } else { resp = struct { tc.Alerts @@ -97,8 +97,10 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc { handleErrs(http.StatusInternalServerError, err) return } - w.Header().Set(tc.ContentType, tc.ApplicationJson) + if !authenticated { + w.WriteHeader(http.StatusUnauthorized) + } fmt.Fprintf(w, "%s", respBts) } } -- To stop receiving notification emails like this one, please contact r...@apache.org.