fix(web/panettone): Fix failure on invalid username

Handle if the username submitted to the login form is one of a nonexistent user, rather than returning a 500 Fixes: #1 Change-Id: Iebc68dea3c91dc928e4386cb172d3c1515fb1556 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1402 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com>
2020-07-23 18:42:15 -04:00 · 2020-07-23 18:42:15 -04:00 · 6bdd191cbf
commit 6bdd191cbf
parent d8a0bd9e75
1 changed files with 11 additions and 11 deletions
--- a/web/panettone/src/panettone.lisp
+++ b/web/panettone/src/panettone.lisp
@ -81,17 +81,17 @@
  "Checks the given USER-OR-USERNAME has the given PASSWORD, by making a bind
 request against the ldap server at *ldap*. Returns the user if authentication is
 successful, `nil' otherwise"
-  (let* ((user (if (typep user-or-username 'user) user-or-username
-                   (find-user user-or-username)))
-         (dn (dn user)))
-    (multiple-value-bind (_r code-sym _msg)
-        (ldap:bind
-         (ldap:new-ldap :host (ldap:host *ldap*)
-                        :port (ldap:port *ldap*)
-                        :user dn
-                        :pass password))
-      (when (equalp code-sym 'trivial-ldap:success)
-        user))))
+  (when-let ((user (if (typep user-or-username 'user) user-or-username
+                       (find-user user-or-username))))
+    (let ((dn (dn user)))
+      (multiple-value-bind (_r code-sym _msg)
+          (ldap:bind
+           (ldap:new-ldap :host (ldap:host *ldap*)
+                          :port (ldap:port *ldap*)
+                          :user dn
+                          :pass password))
+        (when (equalp code-sym 'trivial-ldap:success)
+          user)))))

 (defun author (object)
  (find-user-by-dn (author-dn object)))