tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-4953-local-admin-nunca-prueba-remotos-meta' into 'develop' 

Force try remote before falling back to local if admin user

See merge request artica/pandorafms!3715
This commit is contained in:
Daniel Rodriguez 2021-01-11 09:22:14 +01:00
parent 732ba9d030 4d2b890712
commit 38dd3b960e
1 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
pandora_console/include/auth/mysql.php
View File

@ -68,29 +68,39 @@ $config['admin_can_make_admin'] = true;
/** /**
* process_user_login accepts $login and $pass and handles it according to current authentication scheme * Process_user_login accepts $login and $pass and handles it according to
* current authentication scheme.
* *
* @param string $login * @param string $login Login.
* @param string $pass * @param string $pass Pass.
* @param boolean $api * @param boolean $api Api.
* *
* @return mixed False in case of error or invalid credentials, the username in case it's correct. * @return mixed False in case of error or invalid credentials, the username in
* case it's correct.
*/ */
function process_user_login($login, $pass, $api=false) function process_user_login($login, $pass, $api=false)
{ {
global $config, $mysql_cache; global $config;
// Always authenticate admins against the local database // 1. Try remote.
if (strtolower($config['auth']) == 'mysql' || is_user_admin($login)) { if (strtolower($config['auth']) != 'mysql') {
return process_user_login_local($login, $pass, $api); $login_remote = process_user_login_remote(
$login,
io_safe_output($pass),
$api
);
} else { } else {
$login_remote = process_user_login_remote($login, io_safe_output($pass), $api); $login_remote = false;
if ($login_remote == false && $config['fallback_local_auth']) { }
// 2. Try local.
if ($login_remote === false
&& ($config['fallback_local_auth'] || is_user_admin($login))
) {
return process_user_login_local($login, $pass, $api); return process_user_login_local($login, $pass, $api);
} else { } else {
return $login_remote; return $login_remote;
} }
}
return false; return false;
} }