Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

sftpd: refactor multi-step authentication

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2023-08-04 20:56:23 +02:00
parent c03bcb3a8a
commit af0d7b48ad
9 changed files with 195 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/ftpd/server.go
View File

@@ -274,7 +274,7 @@ func (s *Server) VerifyConnection(cc ftpserver.ClientContext, user string, tlsCo
s.setTLSConnVerified(cc.ID(), true)
if dbUser.IsLoginMethodAllowed(dataprovider.LoginMethodTLSCertificate, common.ProtocolFTP, nil) {
if dbUser.IsLoginMethodAllowed(dataprovider.LoginMethodTLSCertificate, common.ProtocolFTP) {
connection, err := s.validateUser(dbUser, cc, dataprovider.LoginMethodTLSCertificate)
defer updateLoginMetrics(&dbUser, ipAddr, dataprovider.LoginMethodTLSCertificate, err)
@@ -371,7 +371,7 @@ func (s *Server) validateUser(user dataprovider.User, cc ftpserver.ClientContext
logger.Info(logSender, connectionID, "cannot login user %q, protocol FTP is not allowed", user.Username)
return nil, fmt.Errorf("protocol FTP is not allowed for user %q", user.Username)
}
if !user.IsLoginMethodAllowed(loginMethod, common.ProtocolFTP, nil) {
if !user.IsLoginMethodAllowed(loginMethod, common.ProtocolFTP) {
logger.Info(logSender, connectionID, "cannot login user %q, %v login method is not allowed",
user.Username, loginMethod)
return nil, fmt.Errorf("login method %v is not allowed for user %q", loginMethod, user.Username)