connection modeauth=ldap

afornerot 2019-04-19 16:53:09 +02:00
parent d07acd733e
commit a9bf6b901e
6 changed files with 132 additions and 4 deletions


@ -46,6 +46,77 @@ class SecurityController extends Controller
'error' => $error 'error' => $error
)); ));
break; break;
case "LDAP":
$authUtils = $this->get('security.authentication_utils');
// last username entered by the user
$lastUsername = $authUtils->getLastUsername();
$error = "";
// Création du formulaire
$form = $this->createForm(LoginType::class);
$form->handleRequest($request);
if ($form->get('submit')->isClicked()) {
$data = $form->getData();
$ldap_host = $this->getParameter("ldap_host");
$ldap_port = $this->getParameter("ldap_port");
$ldap_user = $this->getParameter("ldap_user");
$ldap_password = $this->getParameter("ldap_password");
$ldap_basedn = $this->container->getParameter('ldap_basedn');
$ldapConn = ldap_connect($ldap_host, $ldap_port);
$fglogin = false;
if($ldapConn){
// Connexion au serveur LDAP superuser
$ldapbind = ldap_bind($ldapConn, $ldap_user, $ldap_password);
if($ldapbind) {
$result = ldap_search($ldapConn, $ldap_basedn, "uid=".$data["_username"]);
if($result) {
$first = ldap_first_entry($ldapConn, $result);
$dn = ldap_get_dn($ldapConn, $first);
$ldapbind = ldap_bind($ldapConn, $dn, $data["_password"]);
if($ldapbind) {
$fglogin = true;
}
}
}
}
$em = $this->getDoctrine()->getManager();
$user=$em->getRepository("CadolesCoreBundle:User")->findOneBy(["username"=>$data["_username"]]);
if(!$user) $fglogin = false;
if(!$fglogin) $error = "connexion impossible";
else {
// Autoconnexion
// Récupérer le token de l'utilisateur
$token = new UsernamePasswordToken($user, null, "main", $user->getRoles());
$this->get("security.token_storage")->setToken($token);
// Simuler l'evenement de connexion
$event = new InteractiveLoginEvent($request, $token);
$dispatcher = new EventDispatcher();
$dispatcher->dispatch("security.interactive_login", $event);
return $this->redirect($this->generateUrl('cadoles_core_home'));
}
}
return $this->render('CadolesCoreBundle:Security:loginldap.html.twig', array(
'useheader' => false,
'usemenu' => false,
'usesidebar' => false,
'last_username' => $lastUsername,
'error' => $error,
'form' => $form->createView()
));
break;
} }
} }
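Review bot: The LDAP branch passes the submitted `_password` straight to the second `ldap_bind`, and a bind with a valid DN and an empty password is an unauthenticated simple bind that many directory servers report as success, so `$fglogin` can become true without any credential check; reject an empty password before binding. The filter `"uid=".$data["_username"]` concatenates the raw username, so filter metacharacters reach the directory, and `ldap_first_entry` is used without confirming that exactly one entry matched. The gate is `isClicked()` alone, so `$form->isValid()` (and with it the form's CSRF token, if enabled) is never consulted. The enclosing action and its `switch` start outside this hunk; the fence shows only the rewritten bind/search lines.

```php
// … unchanged: form handling and LDAP parameter lookup …
$fglogin = false;
// An empty password would turn the user bind into an unauthenticated bind.
$hasPassword = is_string($data["_password"]) && $data["_password"] !== "";
if ($ldapConn && $hasPassword) {
    // Service-account bind, used only to resolve the user's DN.
    $ldapbind = ldap_bind($ldapConn, $ldap_user, $ldap_password);
    if ($ldapbind) {
        $filter = "(uid=" . ldap_escape((string) $data["_username"], "", LDAP_ESCAPE_FILTER) . ")";
        $result = ldap_search($ldapConn, $ldap_basedn, $filter);
        // Require exactly one match before trusting the DN.
        if ($result && ldap_count_entries($ldapConn, $result) === 1) {
            $first = ldap_first_entry($ldapConn, $result);
            $dn = ldap_get_dn($ldapConn, $first);
            $fglogin = ldap_bind($ldapConn, $dn, $data["_password"]);
        }
    }
}
// … unchanged: local user lookup, token creation and redirect …
```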


@ -263,8 +263,7 @@ class User implements UserInterface, \Serializable
if($password!=$this->password&&$password!=""){ if($password!=$this->password&&$password!=""){
$this->tempopassword=$password; $this->tempopassword=$password;
mt_srand((double)microtime()*1000000); $this->salt = uniqid(mt_rand(), true);
$this->salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());
$hash = "{SSHA}" . base64_encode(pack("H*", sha1($password . $this->salt)) . $this->salt); $hash = "{SSHA}" . base64_encode(pack("H*", sha1($password . $this->salt)) . $this->salt);
$this->password = $hash; $this->password = $hash;
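Review bot: The new salt `uniqid(mt_rand(), true)` is still derived from the clock and the Mersenne Twister, neither of which is a cryptographically secure source; on PHP 7 or later `$this->salt = bin2hex(random_bytes(16));` gives an unpredictable salt of fixed length. The `{SSHA}` value built on the following line remains a single round of salted SHA-1, which is cheap to brute-force if the table leaks. If that format is kept for directory compatibility, a comment saying so would help; otherwise `password_hash()` is the safer store. The enclosing setter starts and ends outside the hunk.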


@ -23,7 +23,13 @@ class LoginType extends AbstractType
{ {
$builder $builder
->add('_username') ->add('_username')
->add('_password', PasswordType::class) ->add('_password', PasswordType::class,[
"attr" => array("style"=>"margin-bottom:15px;")
])
->add('submit', SubmitType::class,[
"label" => "Valider",
"attr" => array("class" => "btn btn-success form-control")
])
; ;
} }
} }


@ -34,6 +34,10 @@ cadoles_core_kill:
path: /kill path: /kill
defaults: { _controller: CadolesCoreBundle:Security:kill } defaults: { _controller: CadolesCoreBundle:Security:kill }
cadoles_core_ldap_login:
path: /ldaplogin
defaults: { _controller: CadolesCoreBundle:Security:login }
#== Crop Image =========================================================================================================== #== Crop Image ===========================================================================================================
cadoles_core_crop01: cadoles_core_crop01:
path: /crop01 path: /crop01


@ -14,7 +14,9 @@
<a href="{{ path('cas_sp.logout') }}"><i class="fa fa-sign-out fa-fw"></i></a> <a href="{{ path('cas_sp.logout') }}"><i class="fa fa-sign-out fa-fw"></i></a>
{% elseif mode_auth == "SQL" %} {% elseif mode_auth == "SQL" %}
<a href="{{ path('cadoles_core_kill') }}"><i class="fa fa-sign-out fa-fw"></i></a> <a href="{{ path('cadoles_core_kill') }}"><i class="fa fa-sign-out fa-fw"></i></a>
{% endif %} {% elseif mode_auth == "LDAP" %}
<a href="{{ path('cadoles_core_kill') }}"><i class="fa fa-sign-out fa-fw"></i></a>
{% endif %}
</li> </li>
@ -32,6 +34,9 @@
<a href="{{ path('cas_sp.login') }}"><i class="fa fa-sign-in fa-fw"></i></a> <a href="{{ path('cas_sp.login') }}"><i class="fa fa-sign-in fa-fw"></i></a>
{% elseif mode_auth == "SQL" %} {% elseif mode_auth == "SQL" %}
<a href="{{ path('cadoles_core_login') }}"><i class="fa fa-sign-in fa-fw"></i></a> <a href="{{ path('cadoles_core_login') }}"><i class="fa fa-sign-in fa-fw"></i></a>
{% elseif mode_auth == "LDAP" %}
<a href="{{ path('cadoles_core_ldap_login') }}"><i class="fa fa-sign-in fa-fw"></i></a>
{% endif %} {% endif %}
</li> </li>
{% endif %} {% endif %}


@ -0,0 +1,43 @@
{% extends '@CadolesCore/base.html.twig' %}
{% block pagewrapper %}
{{ form_start(form) }}
<div class="col-md-4 col-md-offset-4">
<div style="width: 400px;margin: auto;text-align: center;margin-top: 100px;">
<a href="{{ path("cadoles_core_home") }}">
<img id="logo" src="/{{ alias }}/{{ app.session.get('logo') }}">
<h1>{{ app.session.get('appname') }}</h1>
</a>
</div>
<div class="login-panel panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Login</h3>
</div>
<div class="panel-body">
<fieldset>
<label for="username">Login</label>
{{ form_widget(form._username) }}
<label for="username">Password</label>
{{ form_widget(form._password) }}
{{ form_widget(form.submit) }}
</fieldset>
</div>
</div>
{% if error %}
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
</div>
</form>
{{ form_end(form) }}
{% endblock %}
{% block localjavascript %}
$("#username").focus();
{% endblock %}
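Review bot: The error block prints `error.messageKey|trans(error.messageData, 'security')`, but the LDAP branch of the controller passes a plain string (`"connexion impossible"`), so the failure message will not render, or will raise if strict variables are on; `<div>{{ error }}</div>` matches what the controller sends. The literal `</form>` before `{{ form_end(form) }}` closes the form early, so any remaining fields that `form_end` emits, such as a CSRF `_token`, land outside it; that line should be dropped. Both labels use `for="username"` and the script focuses `#username`, which presumably does not match the generated widget ids; `{{ form._username.vars.id }}` and `{{ form._password.vars.id }}` would.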