[fix] Ensure that configuration is loaded properly when we need it

+ lowercase the username
+ do not fail when only oneemail alias is set
This commit is contained in:
kload 2015-06-02 17:01:56 +02:00
parent d39f7d2b78
commit 404fe510d2

View file

@ -121,6 +121,8 @@ end
-- Expires the 3 session cookies -- Expires the 3 session cookies
function delete_cookie () function delete_cookie ()
conf = config.get_config()
expired_time = "Thu, Jan 01 1970 00:00:00 UTC;" expired_time = "Thu, Jan 01 1970 00:00:00 UTC;"
for _, domain in ipairs(conf["domains"]) do for _, domain in ipairs(conf["domains"]) do
local cookie_str = "; Domain=."..domain.. local cookie_str = "; Domain=."..domain..
@ -187,6 +189,10 @@ function has_access (user, url)
user = user or authUser user = user or authUser
url = url or ngx.var.host..ngx.var.uri url = url or ngx.var.host..ngx.var.uri
if not conf["users"][user] then
conf = config.get_config()
end
-- If there are no `users` directive, or if the user has no ACL set, he can -- If there are no `users` directive, or if the user has no ACL set, he can
-- access the URL by default -- access the URL by default
if not conf["users"] or not conf["users"][user] then if not conf["users"] or not conf["users"][user] then
@ -212,6 +218,7 @@ end
-- address. -- address.
-- Reminder: conf["ldap_identifier"] is "uid" by default -- Reminder: conf["ldap_identifier"] is "uid" by default
function authenticate (user, password) function authenticate (user, password)
conf = config.get_config()
-- Try to find the username from an email address by openning an anonymous -- Try to find the username from an email address by openning an anonymous
-- LDAP connection and check if the email address exists -- LDAP connection and check if the email address exists
@ -438,6 +445,7 @@ end
-- title, the flash notifications' content and the translated strings. -- title, the flash notifications' content and the translated strings.
function get_data_for(view) function get_data_for(view)
local user = authUser local user = authUser
conf = config.get_config()
-- For the login page we only need the page title -- For the login page we only need the page title
if view == "login.html" then if view == "login.html" then
@ -501,6 +509,7 @@ end
-- It has to update cached information and edit the LDAP user entry -- It has to update cached information and edit the LDAP user entry
-- according to the changes detected. -- according to the changes detected.
function edit_user () function edit_user ()
conf = config.get_config()
-- We need these calls since we are in a POST request -- We need these calls since we are in a POST request
ngx.req.read_body() ngx.req.read_body()
@ -595,7 +604,12 @@ function edit_user ()
-- Filter configuration's domain list to keep only -- Filter configuration's domain list to keep only
-- "allowed" domains -- "allowed" domains
for _, domain in ipairs(conf["domains"]) do for _, domain in ipairs(conf["domains"]) do
for k, mail in ipairs(attribs["mail"]) do if type(attribs["mail"] == "string") then
mail_list = { attribs["mail"] }
else
mail_list = attribs["mail"]
end
for k, mail in ipairs(mail_list) do
if string.ends(mail, "@"..domain) then if string.ends(mail, "@"..domain) then
if not is_in_table(domains, domain) then if not is_in_table(domains, domain) then
table.insert(domains, domain) table.insert(domains, domain)
@ -739,6 +753,8 @@ function login ()
local args = ngx.req.get_post_args() local args = ngx.req.get_post_args()
local uri_args = ngx.req.get_uri_args() local uri_args = ngx.req.get_uri_args()
args.user = string.lower(args.user)
local user = authenticate(args.user, args.password) local user = authenticate(args.user, args.password)
if user then if user then
ngx.status = ngx.HTTP_CREATED ngx.status = ngx.HTTP_CREATED