MCPcopy
hub / github.com/OpenListTeam/OpenList / PasswordAuth

Method PasswordAuth

server/sftp.go:95–122  ·  view source on GitHub ↗
(conn ssh.ConnMetadata, password []byte)

Source from the content-addressed store, hash-verified

93}
94
95func (d *SftpDriver) PasswordAuth(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error) {
96 ip := conn.RemoteAddr().String()
97 count, ok := model.LoginCache.Get(ip)
98 if ok && count >= model.DefaultMaxAuthRetries {
99 model.LoginCache.Expire(ip, model.DefaultLockDuration)
100 return nil, errors.New("Too many unsuccessful sign-in attempts have been made using an incorrect username or password, Try again later.")
101 }
102 pass := string(password)
103 userObj, err := op.GetUserByName(conn.User())
104 if err == nil {
105 err = userObj.ValidateRawPassword(pass)
106 if err != nil && setting.GetBool(conf.LdapLoginEnabled) && userObj.AllowLdap {
107 err = common.HandleLdapLogin(conn.User(), pass)
108 }
109 } else if setting.GetBool(conf.LdapLoginEnabled) && model.CanFTPAccess(int32(setting.GetInt(conf.LdapDefaultPermission, 0))) {
110 userObj, err = tryLdapLoginAndRegister(conn.User(), pass)
111 }
112 if err != nil {
113 model.LoginCache.Set(ip, count+1)
114 return nil, err
115 }
116 if userObj.Disabled || !userObj.CanFTPAccess() {
117 model.LoginCache.Set(ip, count+1)
118 return nil, errors.New("user is not allowed to access via SFTP")
119 }
120 model.LoginCache.Del(ip)
121 return nil, nil
122}
123
124func (d *SftpDriver) PublicKeyAuth(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
125 userObj, err := op.GetUserByName(conn.User())

Callers

nothing calls this directly

Calls 13

GetUserByNameFunction · 0.92
GetBoolFunction · 0.92
HandleLdapLoginFunction · 0.92
CanFTPAccessFunction · 0.92
GetIntFunction · 0.92
tryLdapLoginAndRegisterFunction · 0.85
ValidateRawPasswordMethod · 0.80
CanFTPAccessMethod · 0.80
GetMethod · 0.65
UserMethod · 0.65
DelMethod · 0.65
StringMethod · 0.45

Tested by

no test coverage detected