[SUCS Devel] [Git][sucssite/gameauth][master] Use the new ldap auth lib from a git repo for easy updating

Sun Oct 27 14:42:46 GMT 2019


Imran Hussain pushed to branch master at sucssite / gameauth


Commits:
d9019ebf by Imran Hussain at 2019-10-27T14:41:16Z
Use the new ldap auth lib from a git repo for easy updating

- - - - -


4 changed files:

- + .gitmodules
- controll_2.php
- + ldap-auth
- − ldap-auth.php


Changes:

=====================================
.gitmodules
=====================================
@@ -0,0 +1,3 @@
+[submodule "ldap-auth"]
+	path = ldap-auth
+	url = git at projects.sucs.org:imranh/ldap-auth.git


=====================================
controll_2.php
=====================================
@@ -23,7 +23,7 @@
         Then destroys the session logging them out fully
     */
 
-    include('ldap-auth.php');
+    include('./ldap-auth/ldap-auth.php');
     error_reporting(E_ERROR);
 
     session_start();


=====================================
ldap-auth
=====================================
@@ -0,0 +1 @@
+Subproject commit 9c8e7ad06d05ad49f592ae52219d7b46cc8f31bf


=====================================
ldap-auth.php deleted
=====================================
@@ -1,104 +0,0 @@
-<?php
-
-/*
-Written by Imran Hussain ~imranh
-
-Used to auth people, will check SUCS then the uni ldap, will only check
-students on the uni ldap.
-
-will return "sucs" if the username/password passed is a sucs member
-will return "uni" if the user/pass passed has a student swan uni account
-will return "nope" if the user/pass passed is inavlid
-
-Example usage:
-
-include_once("ldap-auth.php");
-
-isAuthd = ldapAuth("usaername", "password");
-
-if (isAuthd == "sucs"){
-	//do stuff for sucs auth
-}elseif (isAuthd == "uni"){
-	//do stuff for uni auth
-}else{
-	//do stuff for not authd peeps
-}
-
-*/
-
-// we don't care about warnings, we write our own
-error_reporting(E_ERROR | E_PARSE);
-
-function ldapAuth($username, $password) {
-
-	if ($username != "" && $password != ""){
-
-		// people like to use emails to login so lets detect and strip
-		if(filter_var($username, FILTER_VALIDATE_EMAIL)){
-			//valid email, lets strip
-			// split the email into a string array "@" as a delim
-			$s = explode("@",$username);
-			// remove the last element (domain)
-			array_pop($s);
-			// put the array back togther using "@" as a seperator
-			$username = implode("@",$s);
-		}
-
-		// ldap servers
-		$sucsLDAPServer = 'silver.sucs.swan.ac.uk';
-		$lisLDAPServer = 'ccs-suld1.swan.ac.uk';
-
-		// lis auth stuffs
-		$lisUsernameOu = substr($username, -1);
-		$lisOtherOu = "Moved";
-
-		// how to bind
-		$sucsBindDn = "uid=$username,ou=People,dc=sucs,dc=org";
-		$lisBindDn1 = "cn=$username,ou=$lisUsernameOu,ou=Students,ou=SWANSEA,o=SWANUNI";
-		$lisBindDn2 = "cn=$username,ou=$lisOtherOu,ou=Students,ou=SWANSEA,o=SWANUNI";
-
-		// Main auth
-
-		// Try and connect to silver
-		$ldapconnSUCS = ldap_connect($sucsLDAPServer) or die("Could not connect to SUCS LDAP server.");
-
-		if ($ldapconnSUCS) {
-
-			//echo "Connected to $sucsLDAPServer <br>";
-
-			// try and bind to sucs ldap
-			$ldapbindSUCS = ldap_bind($ldapconnSUCS, $sucsBindDn, $password);
-
-			if ($ldapbindSUCS) {
-				//echo "Auth'd as $username using SUCS LDAP<br>";
-				return "sucs";
-			// turns out they didn't give us valid sucs creds, lets try lis now
-			} else {
-
-				// try and connect to the lis ldap server
-				$ldapconnLIS = ldap_connect($lisLDAPServer) or die("Could not connect to uni LDAP server.");
-				//echo "Connected to $lisLDAPServer <br>";
-
-				// lets try and bind to the uni ldap
-				$ldapbindLIS1 = ldap_bind($ldapconnLIS, $lisBindDn1, $password);
-				if ($ldapbindLIS1) {
-					//echo "Auth'd as $username using uni LDAP using ou=$lisUsernameOu<br>";
-					return "uni";
-				} else {
-					$ldapbindLIS2 = ldap_bind($ldapconnLIS, $lisBindDn2, $password);
-					if ($ldapbindLIS2) {
-						//echo "Auth'd as $username using uni LDAP using ou=moved<br>";
-						return "uni";
-					// shit, couldn't bind to anything
-					} else {
-						//exit("Invalid Username or Password");
-						return "nope";
-					}
-				}
-			}
-		}
-	}else {
-		return "nope";
-	}
-}
-?>
\ No newline at end of file



View it on GitLab: https://projects.sucs.org/sucssite/gameauth/commit/d9019ebfe2f17d26e568a04ade06ca45d5a10f50

-- 
View it on GitLab: https://projects.sucs.org/sucssite/gameauth/commit/d9019ebfe2f17d26e568a04ade06ca45d5a10f50
You're receiving this email because of your account on projects.sucs.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sucs.org/pipermail/devel/attachments/20191027/c08b200b/attachment-0001.html>
