thomiceli
Introduce basic LDAP authentication.
Introduce basic LDAP authentication.
This PR introduces basic LDAP authentication and the necessary bits to configure it.
LDAP is now provided as a site wide configuration option in the admin panel.
When this option is enabled.
- The login attempts are first tried against the configured LDAP instance.
- On failure against LDAP, it will attempt to authenticate with the local user.
- On Success it will update the local user's password with the one that was successfully authenticated against LDAP.
The configuration details are shown at the bottom on the configuration section of admin panel.
LDAP authentication and local account password sync (Successful login)
Failed LDAP and local authentication (Failed login)
Local authentication when LDAP is unavailable (Successful login)
Local authentication if the user is not present in LDAP (Successful login)
Partially Addresses #77, the changes were implemented based on a LDAP set up I use in my personal infrastructure. So not all configuration options may be present in this implementation.
The LDAP implementation is done using https://github.com/go-ldap/ldap
@fraggerfox is this MR ready ?
Let me rebase the changes in correctly, and yes I have been using this in my local installation for a while.
@thomiceli : Looks like the CI is green and this is good to merge whenever you are ready.
Hi, sorry for the delay, i refactored some of the code and took the liberty to change:
- ldap password is not stored in opengist db
- added ldap login for git HTTP
- LDAP is enabled if the url is set
- removed your config file
#470