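/**
 * Account sign in form processing.
 *
 * When LDAP is enabled, the submitted credentials are first tried against
 * the directory. A username with no local row that binds successfully is
 * created locally; a username with a local row that binds successfully has
 * its local password hash, e-mail and name refreshed. In every case the
 * final decision is made by Auth::attempt() against the local database.
 *
 * @param  Request $request
 * @return Redirect
 */
public function login(Request $request)
{
    // Never flash the submitted password back into the session: withInput()
    // with no argument stores every request field, the password included.
    $flashable = $request->except('password');

    $validator = $this->validator($request->all());

    if ($validator->fails()) {
        return redirect()->back()->withInput($flashable)->withErrors($validator);
    }

    $username = $request->input('username');
    $password = $request->input('password');

    // Should we even check for LDAP users?
    if (Setting::getSettings()->ldap_enabled == '1') {
        LOG::debug("LDAP is enabled.");

        // Check if the user exists in the database
        $user = User::where('username', '=', $username)->whereNull('deleted_at')->first();
        LOG::debug("Local auth lookup complete");

        // Bind exactly once per request. A second bind with the same
        // credentials adds nothing, and a wrong password would presumably
        // count twice towards any directory-side lockout threshold.
        if (!$user) {
            // The user does not exist in the database. If they authenticate
            // successfully with LDAP, create them on the fly with default
            // permissions.
            LOG::debug("Local user " . $username . " does not exist");

            try {
                if ($userattr = Ldap::findAndBindUserLdap($username, $password)) {
                    LOG::debug("Creating local user " . $username);

                    if (Ldap::createUserFromLdap($userattr)) {
                        LOG::debug("Local user created..");
                    } else {
                        LOG::debug("Could not create local user.");
                    }
                } else {
                    LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
                }
            } catch (\Exception $e) {
                // Keep the directory error in the log only. Returning it to an
                // unauthenticated client exposes LDAP internals, and it also
                // tells the client that the username has no local account.
                LOG::debug("LDAP error for user " . $username . ": " . $e->getMessage());

                return redirect()->back()->withInput($flashable)->with('error', trans('auth/message.account_not_found'));
            }
        } else {
            // The user exists locally: re-check them against LDAP and refresh
            // the local copy of their data.
            LOG::debug("Local user " . $username . " exists in database. Authenticating existing user against LDAP.");

            try {
                if ($ldap_user = Ldap::findAndBindUserLdap($username, $password)) {
                    $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);

                    LOG::debug("Valid LDAP login. Updating the local data.");

                    // NOTE(review): the directory password is hashed into the
                    // local table on every successful bind, so the last synced
                    // password stays valid for the local check below even if
                    // the directory later rejects the account. Confirm that
                    // this fallback is intended for LDAP-imported users.
                    $user->password = bcrypt($password);
                    $user->email = $ldap_attr['email'];
                    $user->first_name = $ldap_attr['firstname'];
                    $user->last_name = $ldap_attr['lastname'];
                    $user->save();
                } else {
                    LOG::debug("User " . $username . " did not authenticate correctly against LDAP. Local user was not updated.");
                }
            } catch (\Exception $e) {
                // A directory failure must not surface as an unhandled
                // exception; fall through to the local credential check.
                LOG::debug("User " . $username . ' did not authenticate successfully against LDAP.');
            }
        }
    }

    // With or without LDAP, the local database decides.
    LOG::debug("Authenticating user against database.");

    // Try to log the user in
    if (!Auth::attempt($request->only('username', 'password'), $request->input('remember-me', 0))) {
        LOG::debug("Local authentication failed.");

        return redirect()->back()->withInput($flashable)->with('error', trans('auth/message.account_not_found'));
    }

    // Fetch the page the user was on before, then drop it from the session
    $redirect = \Session::get('loginRedirect', 'home');
    \Session::forget('loginRedirect');

    // Redirect to the user's page
    return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
}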
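/**
 * Create a local user from LDAP attributes.
 *
 * The local password is either a hash of the password submitted with the
 * current request (when the ldap_pw_sync setting is '1') or a hash of a
 * random 25-character string that is never disclosed.
 *
 * @author [A. Gianotto] [<*****@*****.**>]
 * @since [v3.0]
 * @param $ldapatttibutes LDAP entry, passed to Ldap::parseAndMapLdapAttributes()
 * @return bool true when the user was saved; false when no username was
 *              mapped or the save failed
 */
public static function createUserFromLdap($ldapatttibutes)
{
    $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

    // Without a username there is nothing to create.
    if (empty($item["username"])) {
        return false;
    }

    // Create user from LDAP data
    $user = new User();
    $user->first_name = $item["firstname"];
    $user->last_name = $item["lastname"];
    $user->username = $item["username"];
    $user->email = $item["email"];

    if (Setting::getSettings()->ldap_pw_sync == '1') {
        $user->password = bcrypt(Input::get("password"));
    } else {
        // Placeholder password nobody is meant to know. Draw each character
        // from the CSPRNG: str_shuffle() is not a cryptographic source, and
        // it can never repeat a character, which shrinks the search space.
        // random_int() needs PHP 7+ or the random_compat polyfill.
        // NOTE(review): with sync off, a caller that afterwards checks the
        // submitted password against this local hash cannot succeed. Confirm
        // that the login flow accounts for that.
        $alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
        $maxIndex = strlen($alphabet) - 1;
        $pass = '';
        for ($i = 0; $i < 25; $i++) {
            $pass .= $alphabet[random_int(0, $maxIndex)];
        }
        $user->password = bcrypt($pass);
    }

    $user->activated = 1;
    $user->ldap_import = 1;
    $user->notes = 'Imported on first login from LDAP';

    if ($user->save()) {
        return true;
    }

    // Report the failure to the caller instead of terminating the request
    // with exit, which would leave the client with an empty response.
    LOG::debug('Could not create user.' . $user->getErrors());

    return false;
}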
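/**
 * Create a local user from LDAP attributes.
 *
 * The local password is always a hash of the password submitted with the
 * current request.
 *
 * @author [A. Gianotto] [<*****@*****.**>]
 * @since [v3.0]
 * @param $ldapatttibutes LDAP entry, passed to Ldap::parseAndMapLdapAttributes()
 * @return bool true when the user was saved; false when no username was
 *              mapped or the save failed
 */
public static function createUserFromLdap($ldapatttibutes)
{
    $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

    // Without a username there is nothing to create.
    if (empty($item["username"])) {
        return false;
    }

    // Create user from LDAP data
    $user = new User();
    $user->first_name = $item["firstname"];
    $user->last_name = $item["lastname"];
    $user->username = $item["username"];
    $user->email = $item["email"];

    // NOTE(review): this stores a local hash of the directory password
    // unconditionally, so the password remains usable for any local
    // credential check after it is changed or revoked in the directory.
    // Confirm that this is intended.
    $user->password = bcrypt(Input::get("password"));

    $user->activated = 1;
    $user->ldap_import = 1;
    $user->notes = 'Imported on first login from LDAP';

    if ($user->save()) {
        return true;
    }

    // Report the failure to the caller instead of terminating the request
    // with exit, which would leave the client with an empty response.
    LOG::debug('Could not create user.' . $user->getErrors());

    return false;
}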