From 859fb9d7482a2731dea75fc92d184cf40bcf0b42 Mon Sep 17 00:00:00 2001 From: James Ketrenos Date: Thu, 18 Oct 2018 16:53:36 -0700 Subject: [PATCH] Restructure LDAP auth so it works with restricted albums Signed-off-by: James Ketrenos --- server/routes/users.js | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/server/routes/users.js b/server/routes/users.js index fd5dde9..ae2571a 100755 --- a/server/routes/users.js +++ b/server/routes/users.js @@ -125,7 +125,6 @@ const getSessionUser = function(req) { } let user = results[0]; - req.user = user; if (!user.mailVerified) { user.restriction = user.restriction || "Email address not verified."; @@ -140,6 +139,8 @@ const getSessionUser = function(req) { return user; }); }).then(function(user) { + req.user = user; + /* If the user already has a restriction, or there are no album user restrictions, * return the user to the next promise */ if (user.restriction || !config.has("restrictions")) { @@ -155,7 +156,7 @@ const getSessionUser = function(req) { return user; } } - console.log("Unauthorized (logged in) access by user: " + req.user.username); + console.log("Unauthorized (logged in) access by user: " + user.username); user.restriction = "Unauthorized access attempt to restricted album."; return user; @@ -204,9 +205,9 @@ router.post("/login", function(req, res) { return ldapPromise(username, password).then(function(ldap) { let user = {}; - user.name = ldap.displayName; - user.username = ldap.uid; user.id = "LDAP"; + user.displayName = ldap.displayName; + user.username = ldap.uid; user.mail = ldap.mail; user.authenticated = 1; user.mailVerified = 1; @@ -252,6 +253,7 @@ router.post("/login", function(req, res) { return res.status(200).send(user); }); }).catch(function(error) { + console.log(error); return res.status(403).send(error); }); });