Commit 3e170b0b authored by frankiejol's avatar frankiejol Committed by Francesc Guasch
Browse files

fix(auth): properly log out in LDAP

parent d0e2b033
......@@ -440,14 +440,14 @@ sub _login_bind {
for my $user (@user) {
my $dn = $user->dn;
$found++;
my $mesg = $LDAP_ADMIN->bind($dn, password => $password);
if ( !$mesg->code() ) {
my $ldap = _connect_ldap($dn, $password);
if ( $ldap ) {
$self->{_auth} = 'bind';
$self->{_ldap_entry} = $user;
return 1;
}
warn "ERROR: ".$mesg->code." : ".$mesg->error. " : Bad credentials for $dn"
if $Ravada::DEBUG && $mesg->code;
warn "ERROR: Bad credentials for $dn"
if $Ravada::DEBUG && $@;
}
return 0;
}
......
......@@ -267,6 +267,22 @@ sub _check_html_lint($url, $content, $option = {}) {
}
sub test_logout_ldap {
my ($username, $password) = ( new_domain_name(),$$);
my $user = create_ldap_user( $username, $password);
$t->post_ok('/login' => form => {login => $username, password => $password});
is($t->tx->res->code(),302);
$t->ua->get($URL_LOGOUT);
$t->post_ok('/login' => form => {login => $username, password => 'bigtime'});
is($t->tx->res->code(),403);
$t->post_ok('/login' => form => {login => $username, password => $password});
is($t->tx->res->code(),302);
}
########################################################################################
$ENV{MOJO_MODE} = 'devel';
......@@ -284,18 +300,20 @@ if (!rvd_front->ping_backend) {
exit;
}
remove_old_domains_req();
$t = Test::Mojo->new($SCRIPT);
$t->ua->inactivity_timeout(900);
$t->ua->connect_timeout(60);
my @bases;
my @clones;
test_logout_ldap();
test_login_fail();
test_validate_html("/login");
remove_old_domains_req();
for my $vm_name (@{rvd_front->list_vm_types} ) {
diag("Testing new machine in $vm_name");
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment