function _ldapauth_user_authenticate in LDAP integration 5.2
Same name and namespace in other branches
- 5 ldapauth.module \_ldapauth_user_authenticate()
1 call to _ldapauth_user_authenticate()
File
- ./
ldapauth.module, line 778
Code
function _ldapauth_user_authenticate($name, $pass) {
global $user, $ldap;
// (Design decision) uid=1 (admin user) must always authenticate to local database
// this user is critical for all drupal admin and upgrade operations so it is best
// left with drupal's native authentication
$result = db_query("SELECT uid FROM {users} WHERE name = '%s'", $name);
if (($_user = db_fetch_object($result)) && $_user->uid == 1) {
$user = user_authenticate($name, $pass);
}
else {
// http://drupal.org/node/113884
if (!variable_get('ldap_login_process', LDAP_FIRST_LDAP)) {
// authenticate local users first
$local_user_count = db_num_rows(db_query("SELECT name FROM {users} WHERE data NOT LIKE '%%ldap\\_authentified%%' AND name='%s'", $name));
if ($local_user_count > 0) {
// a local user with same name exists -- authenticate that user
// drupal core user_authenticate will try to invoke ldapauth_auth in itself
// since the ldap resource is not setup, it will and should return false
// otherwise, drupal will happily create a new user and not tag it as a ldap user!
// nullify global ldap resource for good measure
$ldap = "";
$user = user_authenticate($name, $pass);
}
else {
// no such local user - check ldap
if (_ldapauth_check_ldap($name, $pass)) {
// login successful - user exists in LDAP - if not registered in LDAP, register; set cookie
$user = _ldapauth_save_user($name, $pass);
}
}
}
else {
// direct ldap authentication - check with ldap
if (_ldapauth_check_ldap($name, $pass)) {
// login successful - user exists in LDAP - if not registered in LDAP, register; set cookie
$user = _ldapauth_save_user($name, $pass);
}
}
}
return $user;
}