Merge pull request #2930 from thelounge/xpaw/ldap-log

Add logging to all code paths in LDAP auth
This commit is contained in:
Jérémie Astori 2018-12-15 23:46:04 -05:00 committed by GitHub
commit ce1e12b151
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -18,12 +18,18 @@ function ldapAuthCommon(user, bindDN, password, callback) {
ldapclient.on("error", function(err) { ldapclient.on("error", function(err) {
log.error(`Unable to connect to LDAP server: ${err}`); log.error(`Unable to connect to LDAP server: ${err}`);
callback(!err); callback(false);
}); });
ldapclient.bind(bindDN, password, function(err) { ldapclient.bind(bindDN, password, function(err) {
ldapclient.unbind(); ldapclient.unbind();
callback(!err);
if (err) {
log.error(`LDAP bind failed: ${err}`);
callback(false);
} else {
callback(true);
}
}); });
} }
@ -67,7 +73,7 @@ function advancedLdapAuth(user, password, callback) {
ldapclient.on("error", function(err) { ldapclient.on("error", function(err) {
log.error(`Unable to connect to LDAP server: ${err}`); log.error(`Unable to connect to LDAP server: ${err}`);
callback(!err); callback(false);
}); });
ldapclient.bind(config.ldap.searchDN.rootDN, config.ldap.searchDN.rootPassword, function(err) { ldapclient.bind(config.ldap.searchDN.rootDN, config.ldap.searchDN.rootPassword, function(err) {
@ -78,7 +84,7 @@ function advancedLdapAuth(user, password, callback) {
} else { } else {
ldapclient.search(base, searchOptions, function(err2, res) { ldapclient.search(base, searchOptions, function(err2, res) {
if (err2) { if (err2) {
log.warn(`User not found: ${userDN}`); log.warn(`LDAP User not found: ${userDN}`);
ldapclient.unbind(); ldapclient.unbind();
callback(false); callback(false);
} else { } else {
@ -95,10 +101,11 @@ function advancedLdapAuth(user, password, callback) {
log.error(`LDAP error: ${err3}`); log.error(`LDAP error: ${err3}`);
callback(false); callback(false);
}); });
res.on("end", function() { res.on("end", function(result) {
ldapclient.unbind(); ldapclient.unbind();
if (!found) { if (!found) {
log.warn(`LDAP Search did not find anything for: ${userDN} (${result.status})`);
callback(false); callback(false);
} }
}); });