0

我是 Laravel 甚至框架的新手……我在 Laravel 中尝试了一些基本的身份验证。现在这是我的问题。我在传统的 PHP 中有一个 LDAP 登录脚本,我想切换到 Laravel LDAP 登录。任何人都可以帮我处理代码/捆绑包或任何东西吗?我将非常感谢您的帮助。

function check_login($username,$password){
    if($username=="" || $password=="")
        return 1 ;
    $server1="ldap.xyz.com";   //server1 ip or dns
    $server2="ldap.xyz.com";  //server2 ip or dns

    $firstqry=array("alias,sn,givenname,mail,dn");
    $secqry=array("givenname,jobtitledescription,sn,alias,mail,l,employeenumber");

    $firstfilter="(alias=$username)";
    $searchin="o=XYZ,c=AN";


    $ldap=ldap_connect($server1,389);
    if (!($res = @ldap_bind($ldap))) {
      //echo "<b>Cannt Contact Server 1 :" .$server1 .", Now Contacting Server 2 :".$server2. ".....</b><br>";
      $laststatus=ldap_errno($ldap);
      if($laststatus==81){
         $ldap=ldap_connect($server2,389);
         if (!($res = @ldap_bind($ldap))) {
            //echo "<b>Cannt Contact Server 2 :" .$server2 ."...</B><br>";
            $laststatus=ldap_errno($ldap);
            if($laststatus==81){
               //echo "<b>Please Contact The Network Adminstartion!!</b><br>";
               return 2 ; // server not found
            }
         }else{
               $laststatus=ldap_errno($ldap);
         }
      }
    }else{
      $laststatus=ldap_errno($ldap);
    }

    //echo "Connection :" .ldap_error($ldap)."<br>";
    if($laststatus==0){
        $sr=ldap_search($ldap,$searchin,$firstfilter,$firstqry);
        $info = ldap_get_entries($ldap, $sr);
        for ($i=0; $i<$info["count"]; $i++) {
            $searchdn=$info[$i]["dn"];
            $searchalias=$info[$i]["alias"][0];
        }

        if($searchdn){
            $secfilter=$firstfilter;
            $sr2=ldap_search($ldap,$searchin,$secfilter);
            $info2 = ldap_get_entries($ldap, $sr2);
            $i=0;
            if(count($info2)){
                if (!($res = @ldap_bind($ldap,$searchdn,addslashes($password)))) {
                  return 1 ;
                }else{
                    ldap_close($ldap);
                    return 0 ;
                }
            }
        }else{
            return 1 ;
        }
    }
}
4

2 回答 2

0

如果你在 L4 上,你可以试试这个包https://github.com/wells/l4-ldap-ntlm

于 2013-10-04T07:24:04.740 回答
0

我通过这种方式扩展 Auth 类解决了这个问题。

    use Illuminate\Hashing\HasherInterface,
    Illuminate\Auth\UserInterface,
    Illuminate\Auth\UserProviderInterface;

class XyzUserProvider implements UserProviderInterface {

    /**
     * The hasher implementation.
     *
     * @var \Illuminate\Hashing\HasherInterface
     */
    protected $hasher;

    /**
     * The Eloquent user model.
     *
     * @var string
     */
    protected $model;

    /**
     * Retrieve a user by their unique identifier.
     *
     * @param  mixed  $identifier
     * @return \Illuminate\Auth\UserInterface|null
     */
    public function retrieveById($identifier)
    {
        $user = new UserModel;
        return $user->newQuery()->find($identifier);
    }

    /**
     * Retrieve a user by the given credentials.
     *
     * @param  array  $credentials
     * @return \Illuminate\Auth\UserInterface|null
     */
    public function retrieveByCredentials(array $credentials)
    {
        // First we will add each credential element to the query as a where clause.
        // Then we can execute the query and, if we found a user, return it in a
        // Eloquent User "model" that will be utilized by the Guard instances.
        $user = new UserModel;
        $query = $user->newQuery();

        foreach ($credentials as $key => $value)
        {
            if ( ! str_contains($key, 'password')) $query->where($key, $value);
        }
        return $query->first();
    }

    /**
     * Validate a user against the given credentials.
     *
     * @param  \Illuminate\Auth\UserInterface  $user
     * @param  array  $credentials
     * @return bool
     */
    public function validateCredentials(UserInterface $user, array $credentials)
    {
        $login_attempt = $this->validateLogin($credentials['username'],$credentials['password']);
        if($login_attempt == 0)
            return true;
        else
            return false;
    }

    public function validateLogin($username,$password)
    {
        if($username=="" || $password=="")
            return 1 ;
        $server1="ldap.xyz.com";   //server1 ip or dns
        $server2="ldap.xyz.com";  //server2 ip or dns

        $firstqry=array("alias,sn,givenname,mail,dn");
        $secqry=array("givenname,jobtitledescription,sn,alias,mail,l,employeenumber");

        $firstfilter="(alias=$username)";
        $searchin="o=XYZ,c=AN";


        $ldap=ldap_connect($server1,389);
        if (!($res = @ldap_bind($ldap))) {
          //echo "<b>Cannt Contact Server 1 :" .$server1 .", Now Contacting Server 2 :".$server2. ".....</b><br>";
          $laststatus=ldap_errno($ldap);
          if($laststatus==81){
             $ldap=ldap_connect($server2,389);
             if (!($res = @ldap_bind($ldap))) {
                //echo "<b>Cannt Contact Server 2 :" .$server2 ."...</B><br>";
                $laststatus=ldap_errno($ldap);
                if($laststatus==81){
                   //echo "<b>Please Contact The Network Adminstartion!!</b><br>";
                   return 2 ; // server not found
                }
             }else{
                   $laststatus=ldap_errno($ldap);
             }
          }
        }else{
          $laststatus=ldap_errno($ldap);
        }

        //echo "Connection :" .ldap_error($ldap)."<br>";
        if($laststatus==0){
            $sr=ldap_search($ldap,$searchin,$firstfilter,$firstqry);
            $info = ldap_get_entries($ldap, $sr);
            for ($i=0; $i<$info["count"]; $i++) {
                $searchdn=$info[$i]["dn"];
                $searchalias=$info[$i]["alias"][0];
            }

            if($searchdn){
                $secfilter=$firstfilter;
                $sr2=ldap_search($ldap,$searchin,$secfilter);
                $info2 = ldap_get_entries($ldap, $sr2);
                $i=0;
                if(count($info2)){
                    if (!($res = @ldap_bind($ldap,$searchdn,addslashes($password)))) {
                      return 1 ;
                    }else{
                        ldap_close($ldap);
                        return 0 ;
                    }
                }
            }else{
                return 1 ;
            }
        }
    }

}
于 2014-02-19T03:37:35.863 回答