feat(ldap): support webdav, ftp and sftp login #1746
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 tasks
Member
|
其实也没有那么Breaking。。。 |
Member
Author
你说得对,主要是一开始我没把allow ldap的默认值设为true,感觉有默认值以后就不breaking了 |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds support for LDAP authentication across WebDAV, FTP, and SFTP protocols. The implementation refactors LDAP login logic into a common package and introduces a new allow_ldap user field to control LDAP access per user.
Key Changes:
- Extracted LDAP authentication logic into
server/common/ldap.gofor reuse across multiple protocols - Added
allow_ldapboolean field to the User model with a default value oftrue - Integrated LDAP authentication fallback in WebDAV, FTP, and SFTP authentication handlers
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| server/common/ldap.go | New file containing extracted LDAP authentication logic (HandleLdapLogin, LdapRegister) and dial helper function |
| server/handles/ldap_login.go | Refactored to use common LDAP functions; added allow_ldap permission check |
| server/webdav.go | Introduced tryLogin helper that attempts LDAP auth if local password validation fails and user has LDAP enabled |
| server/ftp.go | Added LDAP authentication fallback when password hash validation fails |
| server/sftp.go | Added LDAP authentication fallback when password hash validation fails |
| internal/model/user.go | Added AllowLdap field with default value true to control per-user LDAP access |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Member
Author
|
Copilot 说有问题的代码全部是我从 |
Member
|
我觉得有几个还说的挺对的,比如连接没关我好像也没找到哪里关,另外比如那个cert verify也不应该直接去掉,应该改成驱动配置选项用户自己选。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description / 描述
支持 WebDAV、FTP 和 SFTP 端口使用 LDAP 验证。
用户表新增列
allow_ldap,只有启用时才支持该用户通过 LDAP 登录,从旧版本升级上来后默认值为true。Motivation and Context / 背景
How Has This Been Tested? / 测试
Checklist / 检查清单
我已阅读 CONTRIBUTING 文档。
go fmtor prettier.我已使用
go fmt或 prettier 格式化提交的代码。我已为此 PR 添加了适当的标签(如无权限或需要的标签不存在,请在描述中说明,管理员将后续处理)。
我已在适当情况下使用"Request review"功能请求相关代码作者进行审查。
我已相应更新了相关仓库(若适用)。