fix(web/panettone): Fix failure on invalid username

Handle if the username submitted to the login form is one of a
nonexistent user, rather than returning a 500

Fixes: #1
Change-Id: Iebc68dea3c91dc928e4386cb172d3c1515fb1556
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1402
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
This commit is contained in:
Griffin Smith 2020-07-23 18:42:15 -04:00 committed by glittershark
parent d8a0bd9e75
commit 6bdd191cbf

View file

@ -81,17 +81,17 @@
"Checks the given USER-OR-USERNAME has the given PASSWORD, by making a bind
request against the ldap server at *ldap*. Returns the user if authentication is
successful, `nil' otherwise"
(let* ((user (if (typep user-or-username 'user) user-or-username
(find-user user-or-username)))
(dn (dn user)))
(multiple-value-bind (_r code-sym _msg)
(ldap:bind
(ldap:new-ldap :host (ldap:host *ldap*)
:port (ldap:port *ldap*)
:user dn
:pass password))
(when (equalp code-sym 'trivial-ldap:success)
user))))
(when-let ((user (if (typep user-or-username 'user) user-or-username
(find-user user-or-username))))
(let ((dn (dn user)))
(multiple-value-bind (_r code-sym _msg)
(ldap:bind
(ldap:new-ldap :host (ldap:host *ldap*)
:port (ldap:port *ldap*)
:user dn
:pass password))
(when (equalp code-sym 'trivial-ldap:success)
user)))))
(defun author (object)
(find-user-by-dn (author-dn object)))