From 6bdd191cbf440506abc0440bba732dc41ee4996f Mon Sep 17 00:00:00 2001 From: Griffin Smith Date: Thu, 23 Jul 2020 18:42:15 -0400 Subject: fix(web/panettone): Fix failure on invalid username Handle if the username submitted to the login form is one of a nonexistent user, rather than returning a 500 Fixes: #1 Change-Id: Iebc68dea3c91dc928e4386cb172d3c1515fb1556 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1402 Tested-by: BuildkiteCI Reviewed-by: kanepyork --- web/panettone/src/panettone.lisp | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'web') diff --git a/web/panettone/src/panettone.lisp b/web/panettone/src/panettone.lisp index b654dc1d6a..b8e5d35079 100644 --- a/web/panettone/src/panettone.lisp +++ b/web/panettone/src/panettone.lisp @@ -81,17 +81,17 @@ "Checks the given USER-OR-USERNAME has the given PASSWORD, by making a bind request against the ldap server at *ldap*. Returns the user if authentication is successful, `nil' otherwise" - (let* ((user (if (typep user-or-username 'user) user-or-username - (find-user user-or-username))) - (dn (dn user))) - (multiple-value-bind (_r code-sym _msg) - (ldap:bind - (ldap:new-ldap :host (ldap:host *ldap*) - :port (ldap:port *ldap*) - :user dn - :pass password)) - (when (equalp code-sym 'trivial-ldap:success) - user)))) + (when-let ((user (if (typep user-or-username 'user) user-or-username + (find-user user-or-username)))) + (let ((dn (dn user))) + (multiple-value-bind (_r code-sym _msg) + (ldap:bind + (ldap:new-ldap :host (ldap:host *ldap*) + :port (ldap:port *ldap*) + :user dn + :pass password)) + (when (equalp code-sym 'trivial-ldap:success) + user))))) (defun author (object) (find-user-by-dn (author-dn object))) -- cgit 1.4.1