App-Dochazka-REST
lib/App/Dochazka/REST/LDAP.pm view on Meta::CPAN
$log->info( "Found employee $nick in LDAP (DN $dn)" );
return 1;
}
return 0;
}
=head2 ldap_search
Given a Net::LDAP handle, a nick, and the name of an LDAP property, search
for the nick in the LDAP field configured as the nick mapping (e.g. 'uid',
'cn' etc.). Returns the value of the LDAP property specified in $prop.
=cut
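sub ldap_search {
    # Search the directory for $nick and return attribute $prop of the first
    # matching entry.
    #
    # Arguments:
    #   $ldap - object on which ->search is called (a Net::LDAP handle,
    #           according to the POD)
    #   $nick - value to look for; undef/false is treated as ''
    #   $prop - name of the attribute whose value is returned
    # Returns: the attribute value (scalar) of the first entry, or nothing
    #   (bare return) when the search yields no entries.
    # Dies: with the server's error text when the result code is non-zero,
    #   or when the assembled filter string cannot be parsed.
    # Side effect: stores the DN of the first entry in $dn, a variable that
    #   is not declared inside this sub.
    my ( $ldap, $nick, $prop ) = @_;
    $nick = $nick || '';

    my $base        = $site->DOCHAZKA_LDAP_BASE || '';
    my $field       = $site->DOCHAZKA_LDAP_MAPPING->{nick} || '';
    my $site_filter = $site->DOCHAZKA_LDAP_FILTER || '';

    require Net::LDAP::Filter;
    require Net::LDAP::Util;

    # The nick is placed inside the filter string. Escape the RFC 4515
    # special characters (* ( ) \ NUL) so that the value can only ever be
    # compared literally and cannot change the structure of the filter.
    my $safe_nick = Net::LDAP::Util::escape_filter_value( $nick );

    my $filter = Net::LDAP::Filter->new(
        "(&" . $site_filter . "($field=$safe_nick)" . ")"
    );

    # Net::LDAP::Filter->new yields a false value on a parse failure (for
    # example when the nick mapping is empty); stop with a clear message
    # instead of failing on the method call below.
    die "Could not build LDAP search filter for field '$field'"
        unless $filter;

    $log->info( "Running LDAP search with filter " . $filter->as_string );

    my $mesg = $ldap->search(
        base   => "$base",
        scope  => "sub",
        filter => $filter,
    );

    # code == 0 is success, code >= 1 is failure
    die $mesg->error unless $mesg->code == 0;

    # Only the first entry is used; any further matches are ignored.
    my ( $first ) = $mesg->entries;
    return unless $first;

    $dn = $first->dn();

    # Scalar assignment on purpose: get_value is context-sensitive and the
    # caller must receive a single value, as before.
    my $prop_value = $first->get_value( $prop );
    return $prop_value;
}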
=head2 ldap_auth
Takes a nick and a password. Returns true or false. Determines if the password matches
the one stored in the LDAP database.
=cut
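sub ldap_auth {
    # Check a nick/password pair by attempting an LDAP simple bind.
    #
    # Arguments:
    #   $nick     - login name; a false value is rejected
    #   $password - password; undef or the empty string is rejected
    # Returns: 1 when the bind returns code 0, otherwise 0. Also returns 0
    #   when the DOCHAZKA_LDAP site parameter is false.
    no strict 'subs';
    my ( $nick, $password ) = @_;
    return 0 unless $nick;

    return 0 unless $site->DOCHAZKA_LDAP;

    # Fail closed on a missing or empty password. A simple bind that carries
    # a DN but an empty password is an "unauthenticated bind" (RFC 4513,
    # section 5.1.2); a server that permits it reports success without
    # checking any credential. Testing length (not truth) also keeps the
    # password "0" intact, which `$password || ''` would have emptied.
    unless ( defined $password && length $password ) {
        $log->info("Access denied to $nick because no password was supplied");
        return 0;
    }

    require Net::LDAP;
    require Net::LDAP::Filter;

    # NOTE(review): $ldap and $dn are not assigned anywhere in this sub, so
    # they hold whatever an earlier call left in them. Confirm that the
    # caller always resolves $dn for this same $nick immediately before
    # calling, otherwise the bind could be tried against another entry.
    # An empty DN would turn the bind into an anonymous one, so refuse it.
    unless ( defined $dn && length $dn ) {
        $log->info("Access denied to $nick because no LDAP DN is known");
        return 0;
    }

    my $mesg = $ldap->bind(
        "$dn",
        password => "$password",
    );

    if ( $mesg->code == 0 ) {
        $ldap->unbind;
        $log->info("Access granted to $nick");
        return 1;
    }

    $log->info("Access denied to $nick because LDAP server returned code " . $mesg->code);
    return 0;
}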
1;    # a Perl module file must end with a true value