fix(web/panettone): Fix failure on invalid username r/1446

Handle if the username submitted to the login form is one of a
nonexistent user, rather than returning a 500

Fixes: #1
Change-Id: Iebc68dea3c91dc928e4386cb172d3c1515fb1556
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1402
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>

1 files changed, 11 insertions, 11 deletions

diff --git a/web/panettone/src/panettone.lisp b/web/panettone/src/panettone.lisp
index b654dc1d6a..b8e5d35079 100644
--- a/web/panettone/src/panettone.lisp
+++ b/web/panettone/src/panettone.lisp
@@ -81,17 +81,17 @@
   "Checks the given USER-OR-USERNAME has the given PASSWORD, by making a bind
 request against the ldap server at *ldap*. Returns the user if authentication is
 successful, `nil' otherwise"
-  (let* ((user (if (typep user-or-username 'user) user-or-username
-                   (find-user user-or-username)))
-         (dn (dn user)))
-    (multiple-value-bind (_r code-sym _msg)
-        (ldap:bind
-         (ldap:new-ldap :host (ldap:host *ldap*)
-                        :port (ldap:port *ldap*)
-                        :user dn
-                        :pass password))
-      (when (equalp code-sym 'trivial-ldap:success)
-        user))))
+  (when-let ((user (if (typep user-or-username 'user) user-or-username
+                       (find-user user-or-username))))
+    (let ((dn (dn user)))
+      (multiple-value-bind (_r code-sym _msg)
+          (ldap:bind
+           (ldap:new-ldap :host (ldap:host *ldap*)
+                          :port (ldap:port *ldap*)
+                          :user dn
+                          :pass password))
+        (when (equalp code-sym 'trivial-ldap:success)
+          user)))))
 
 (defun author (object)
   (find-user-by-dn (author-dn object)))