Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Enhanced LDAP user password / 增强ldap用户密码
  • Loading branch information
star7th committed Nov 20, 2021
1 parent 335afc7 commit a9886f2
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 3 deletions.
Expand Up @@ -100,7 +100,7 @@ public function saveLdapConfig(){
}
//如果该用户不在数据库里,则帮助其注册
if(!D("User")->isExist($ldap_user)){
D("User")->register($ldap_user,$ldap_user.time());
D("User")->register($ldap_user,$ldap_user.get_rand_str());
}
}
D("Options")->set("ldap_form" , json_encode( $ldap_form)) ;
Expand Down Expand Up @@ -221,7 +221,7 @@ public function checkLdapLogin(){
//如果该用户不在数据库里,则帮助其注册
$userInfo = D("User")->isExist($username) ;
if(!$userInfo){
D("User")->register($ldap_user,$ldap_user.time());
D("User")->register($ldap_user,$ldap_user.get_rand_str());
}
$rs2=ldap_bind($ldap_conn, $dn , $password);
if ($rs2) {
Expand Down
2 changes: 1 addition & 1 deletion server/Application/Api/Model/UserModel.class.php
Expand Up @@ -92,7 +92,7 @@ public function checkLdapLogin($username ,$password ){
//如果该用户不在数据库里,则帮助其注册
$userInfo = D("User")->isExist($username) ;
if(!$userInfo){
D("User")->register($ldap_user,$ldap_user.time());
D("User")->register($ldap_user,$ldap_user.get_rand_str());
}
$rs2=ldap_bind($ldap_conn, $dn , $password);
if ($rs2) {
Expand Down
17 changes: 17 additions & 0 deletions server/Application/Common/Common/function.php
Expand Up @@ -212,4 +212,21 @@ function uncompress_string($string){
function env($name , $default_value = false){
return getenv($name) ? getenv($name) : $default_value ;

}

// 获取随机字符串
function get_rand_str($len = 32 ){
// 对于php7以上版本,可利用random_bytes产生随机
if(version_compare(PHP_VERSION,'7.0','>')){
$rand = bin2hex( random_bytes( 16 ) );
return substr($rand,0,$len);
}else{
// 对于低版本,只好尽量加大长度实现伪随机,增大暴力破解难度
$s1 = microtime(true).time().rand().rand().rand().microtime(true).time().rand().rand().rand();
$s2 = microtime(true).time().rand().rand().rand().microtime(true).time().rand().rand().rand();
$md5 = md5($s2.base64_encode($s1));
return substr($md5,0,$len);
}


}

2 comments on commit a9886f2

@Hitcleft32
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Subscriber

@Hitcleft32
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Subscriber

Bout+ bout...

Please sign in to comment.