fix(ldap): return meaningful error when providing wrong credentials

This commit is contained in:
kolaente 2025-03-16 18:21:23 +01:00
parent 754e1541ae
commit 91f9fe5b96
No known key found for this signature in database
GPG Key ID: F40E70337AB24C9B
1 changed files with 6 additions and 0 deletions

View File

@ -18,6 +18,7 @@ package ldap
import (
"crypto/tls"
"errors"
"fmt"
"strings"
@ -153,6 +154,11 @@ func AuthenticateUserInLDAP(s *xorm.Session, username, password string) (u *user
// Bind as the user to verify their password
err = l.Bind(userdn, password)
if err != nil {
var lerr *ldap.Error
if errors.As(err, &lerr) && lerr.ResultCode == ldap.LDAPResultInvalidCredentials {
return nil, user.ErrWrongUsernameOrPassword{}
}
return
}