Merge pull request #992 from theangryangel/fix/ldap-auth

Attempt 3 to fix LDAP login issues when git pushing after password change

modules/auth/auth.go

@@ -108,17 +108,16 @@ func SignedInUser(req *http.Request, sess session.Store) (*models.User, bool) {
 			auths := strings.Fields(baHead)
 			if len(auths) == 2 && auths[0] == "Basic" {
 				uname, passwd, _ := base.BasicAuthDecode(auths[1])
-				u, err := models.GetUserByName(uname)
+
+				u, err := models.UserSignIn(uname, passwd)
 				if err != nil {
 					if err != models.ErrUserNotExist {
-						log.Error(4, "GetUserByName: %v", err)
+						log.Error(4, "UserSignIn: %v", err)
 					}
 					return nil, false
 				}
 
-				if u.ValidtePassword(passwd) {
-					return u, true
-				}
+				return u, true
 			}
 		}
 		return nil, false

routers/repo/http.go

@@ -105,10 +105,10 @@ func Http(ctx *middleware.Context) {
 			return
 		}
 
-		authUser, err = models.GetUserByName(authUsername)
+		authUser, err := models.UserSignIn(authUsername, authPasswd)
 		if err != nil {
 			if err != models.ErrUserNotExist {
-				ctx.Handle(500, "GetUserByName", err)
+				ctx.Handle(500, "UserSignIn error: %v", err)
 				return
 			}
 
@@ -128,12 +128,6 @@ func Http(ctx *middleware.Context) {
 				return
 			}
 			authUsername = authUser.Name
-		} else {
-			// Check user's password when username is correctly presented.
-			if !authUser.ValidtePassword(authPasswd) {
-				ctx.Handle(401, "invalid password", nil)
-				return
-			}
 		}
 
 		if !isPublicPull {