Fail authentication when username is empty (#2300)

2025-01-03 06:28:06 +01:00 · 2017-05-12 06:12:36 -04:00 · 2017-05-12 06:12:36 -04:00 · 7b0646760c
commit 7b0646760c
parent 64fad766f6
2 changed files with 13 additions and 0 deletions
--- a/src/ui/auth/ldap/ldap.go
+++ b/src/ui/auth/ldap/ldap.go
@ -36,6 +36,10 @@ const metaChars = "&|!=~*<>()"
 func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {

 	p := m.Principal
+	if len(strings.TrimSpace(p)) == 0 {
+		log.Debugf("LDAP authentication failed for empty user id.")
+		return nil, nil
+	}
 	for _, c := range metaChars {
 		if strings.ContainsRune(p, c) {
 			return nil, fmt.Errorf("the principal contains meta char: %q", c)
--- a/src/ui/auth/ldap/ldap_test.go
+++ b/src/ui/auth/ldap/ldap_test.go
@ -131,4 +131,13 @@ func TestAuthenticate(t *testing.T) {
 	if user != nil {
 		t.Errorf("Nil user expected for wrong password")
 	}
+	person.Principal = ""
+	person.Password = ""
+	user, err = auth.Authenticate(person)
+	if err != nil {
+		t.Errorf("unexpected ldap error: %v", err)
+	}
+	if user != nil {
+		t.Errorf("Nil user for empty credentials")
+	}
 }