
Zhang Huangbin  committed 5021e07

Handle invalid username in login process.

  • Parent commits 47d7212


Files changed (6)

File controllers/ldap/core.py

         i = web.input()
 
         username = web.safestr(i.get('username').strip())
+
+        # Convert username to ldap dn.
+        userdn = iredutils.convEmailToAdminDN(username)
+        if not userdn:
+            return render.login(msg='INVALID_USERNAME')
+
         password = i.get('password').strip()
         save_pass = web.safestr(i.get('save_pass', 'no').strip())
 
-        # Convert email to ldap dn.
-        userdn = iredutils.convEmailToAdminDN(username)
-
         # Return True if auth success, otherwise return error msg.
         self.auth_result = auth.Auth(userdn, password)
 
             web.seeother('/dashboard')
         else:
             session['failedTimes'] += 1
-            return render.login(msg=self.auth_result, webmaster=session.get('webmaster', ''))
+            return render.login(msg=self.auth_result, webmaster=session.get('webmaster'))
 
 class logout:
     def GET(self):
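Review bot: A request that omits the `username` or `password` field still fails before the new INVALID_USERNAME branch is reached, because `i.get('username')` returns None and `.strip()` is then called on it. Give both lookups a default, `i.get('username', '')` and `i.get('password', '')`, so a malformed POST gets the login page with an error rather than an unhandled exception. The early return also skips the `session['failedTimes'] += 1` shown in the later hunk; if that counter feeds any throttling, rejected usernames probably should be counted as well. The login method starts and ends outside the visible lines.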

File libs/iredbase.py

 
 session = web.session.Session(app, sessionStore,
         initializer={
-            'webmaster': cfg.general.get('admin', 'iredmailsupport@gmail.com'),
+            'webmaster': cfg.general.get('webmaster'),
             'default_quota': cfg.general.get('default_quota', '1024'),
             'username': None,
             'userdn': None,
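Review bot: `cfg.general.get('webmaster')` has no fallback, so an installation whose settings.ini still carries the old `admin` key ends up with `session['webmaster']` set to None. core.py now also calls `session.get('webmaster')` without a default, and the SERVER_DOWN branch in login.html would then render `mailto:None`. Consider `cfg.general.get('webmaster') or cfg.general.get('admin', '')` for a transition period, or fail at startup when the key is missing. The initializer dict continues outside the hunk.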

File libs/ldaplib/auth.py

 def Auth(dn, pw, session=web.config.get('_session')):
     try:
         conn = ldap.initialize(cfg.ldap.get('uri', 'ldap://127.0.0.1'))
-        use_tls = eval(cfg.ldap.get('use_tls', 0))
-        if use_tls:
-            try:
-                #self.conn.start_tls_s()
-                conn.start_tls_s()
-            except ldap.LDAPError, e:
-                return e
 
         dn = ldap.filter.escape_filter_chars(web.safestr(dn.strip()))
         pw = pw.strip()
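Review bot: With the StartTLS block removed, Auth() has no way left to protect the bind, so the admin DN and password travel in clear text whenever `uri` is an `ldap://` address on another host. Dropping `eval()` on a configuration value is right, but the option can be kept without it, e.g. `if str(cfg.ldap.get('use_tls', '')).lower() == 'true': conn.start_tls_s()`. If TLS is meant to be configured only through an `ldaps://` URI, say so next to `uri` in settings.ini.sample, where the "Enable TLS/SSL" comment now sits above a commented-out option that Auth no longer reads. Auth's body continues outside the hunk.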

File libs/ldaplib/iredutils.py

     else:
         return False
 
-
     # Admin DN format.
     # mail=user@domain.ltd,[LDAP_DOMAINADMIN_DN]
     dn = '%s=%s,%s' % ( attrs.USER_RDN, email, domainadmin_dn)
 
     return domain
 
-def removeSpaceAndDot(string):
+def removeSpaceAndDot(s):
     """Remove leading and trailing dot and all whitespace."""
-    return str(string).strip(' .').replace(' ', '')
+    return str(s).strip(' .').replace(' ', '')
 
 # Sort LDAP query by dn.
 # Note: this function deprecated since we use JavaScript to implement

File settings.ini.sample

 # Version number of iRedAdmin-OSE, don't touch it.
 version = 0.1
 
-# Site admin's mail address.
-admin = michaelbibby@gmail.com
+# Site webmaster's mail address.
+webmaster = michaelbibby@gmail.com
 
 # Debug mode: True, False.
 # Warning: Do *NOT* enable debug in product server.
 protocol_version = 3
 
 # Enable TLS/SSL: True, False.
-use_tls = False
+#use_tls = False
 
 # Debug level of LDAP communite: 0, 2, [...], 255.
 debug_level = 0

File templates/default/ldap/login.html

     </div>
 
     {# Show error msg if available #}
-    {% if msg is defined %}
+    {% if msg is defined and msg is not sameas none %}
     <div class="ct-box error-box">
         <p class="warn"><strong>{{ _('Error:') }}</strong>
-        {% if msg == 'SERVER_DOWN' %}
-            {{ _('Server is down, Please contact <a href="mailto:{{webmaster}}">webmaster</a> to solve it.') }}
+        {% if msg == 'INVALID_CREDENTIALS' %}
+            {{ _('Username or password is incorrect.') }}
+        {% elif msg == 'INVALID_USERNAME' %}
+            {{ _('Username must be an valid email address.') }}
         {% elif msg == 'loginRequired' %}
             {{ _('Login required') }}
+        {% elif msg == 'SERVER_DOWN' %}
+            {{ _('Server is down, Please contact <a href="mailto:%s">webmaster</a> to solve it.' % webmaster ) }}
+        {% else %}
+            {{msg}}
         {% endif %}
         </p>
     </div>
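Review bot: The new `{% else %}` branch prints `{{msg}}` verbatim to an unauthenticated visitor, and in core.py that value is `self.auth_result`, which may be a raw LDAP error rather than one of the known codes. Show a generic text there instead, such as `{{ _('Login failed.') }}`, and log the detail on the server; if the value must be shown, make sure it is escaped (`{{ msg|e }}`) unless autoescaping is known to be enabled for this environment. In the SERVER_DOWN branch the `% webmaster` is applied inside `_()`, so the lookup key already contains the address and will not match the translation catalogue; move the `% webmaster` outside the `_()` call. The INVALID_USERNAME text should read "a valid email address".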