diff options
Diffstat (limited to 'app/Api')
| -rw-r--r-- | app/Api/Auth.php | 1 | ||||
| -rw-r--r-- | app/Api/User.php | 18 |
2 files changed, 18 insertions, 1 deletions
diff --git a/app/Api/Auth.php b/app/Api/Auth.php index c7c5298c..6c6e1ebe 100644 --- a/app/Api/Auth.php +++ b/app/Api/Auth.php @@ -31,6 +31,7 @@ class Auth extends Base } elseif ($this->isAppAuthenticated($username, $password)) { $this->checkProcedurePermission(false, $method); } else { + $this->logger->error('API authentication failure for '.$username); throw new AuthenticationFailure('Wrong credentials'); } } diff --git a/app/Api/User.php b/app/Api/User.php index 48337ac6..9b8081d6 100644 --- a/app/Api/User.php +++ b/app/Api/User.php @@ -66,12 +66,28 @@ class User extends \Kanboard\Core\Base return $valid ? $this->user->create($values) : false; } + /** + * Create LDAP user in the database + * + * Only "anonymous" and "proxy" LDAP authentication are supported by this method + * + * User information will be fetched from the LDAP server + * + * @access public + * @param string $username + * @return bool|int + */ public function createLdapUser($username) { + if (LDAP_BIND_TYPE === 'user') { + $this->logger->error('LDAP authentication "user" is not supported by this API call'); + return false; + } + try { $ldap = LdapClient::connect(); - $user = LdapUser::getUser($ldap, sprintf(LDAP_USER_FILTER, $username)); + $user = LdapUser::getUser($ldap, $username); if ($user === null) { $this->logger->info('User not found in LDAP server'); |