okasion/ldapdock
2
1
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Added phplogin.php

Browse Source
This commit is contained in:
Marisa 2025-12-18 09:24:35 -05:00
parent 326895dffd
commit 8dc358ded5
1 changed files with 90 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
entrypoint.sh
View File

@ -37,7 +37,8 @@ slapd -h "ldap:/// ldapi:///" -u openldap -g openldap &
SLAPD_PID=$!
sleep 8
# Full tree with root entry
# Full tree with root and users entries
echo "--> Creating base.ldif with root and user entries"
cat > /tmp/base.ldif <<EOF
dn: ${LDAP_BASE_DN}
objectClass: top
@ -75,6 +76,93 @@ homeDirectory: /home/marisa
gecos: Marisa Kirisame
EOF
# Create phplogin.php with dynamic base DN
echo "--> Creating phplogin.php with full users support"
cat > /var/www/html/phplogin.php <<'EOF'
<?php
// Use the same logic as entrypoint.sh, but with better localhost handling
$raw_host = $_SERVER['HTTP_HOST'] ?? 'example.com';
$raw_host = preg_replace('/:\d+$/', '', $raw_host); // strip port if present
if ($raw_host === 'localhost' || $raw_host === '127.0.0.1') {
// When testing locally via http://localhost → assume default example.com
$base_dn = 'dc=example,dc=com';
} else {
// Normal case: build dc=... from real hostname
$host_parts = explode('.', $raw_host);
$base_dn = '';
foreach ($host_parts as $part) {
if ($part) $base_dn .= ($base_dn ? ',' : '') . 'dc=' . $part;
}
if (!$base_dn) $base_dn = 'dc=example,dc=com'; // ultimate fallback
}
$msg = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? '');
$password = $_POST['password'] ?? '';
if ($username && $password) {
$ldap = ldap_connect("ldap://127.0.0.1:389");
if ($ldap) {
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if (ldap_start_tls($ldap)) {
// First: try admin bind (no ou=People)
$admin_dn = "cn=admin,{$base_dn}";
if (@ldap_bind($ldap, $admin_dn, $password)) {
$msg = "<p style='color:green;font-weight:bold'>Login successful! Welcome <strong>admin</strong> (full privileges)</p>";
}
// Second: if not admin, try regular user
elseif (@ldap_bind($ldap, "uid={$username},ou=People,{$base_dn}", $password)) {
$msg = "<p style='color:green;font-weight:bold'>Login successful! Welcome {$username}</p>";
}
else {
$msg = "<p style='color:red'>Invalid credentials</p>";
}
} else {
$msg = "<p style='color:red'>StartTLS failed</p>";
}
ldap_close($ldap);
} else {
$msg = "<p style='color:red'>Could not connect to LDAP server</p>";
}
} else {
$msg = "<p style='color:red'>Please fill both fields</p>";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>ldapdock LDAP login</title>
<style>
body { font-family: Arial, sans-serif; max-width: 400px; margin: 100px auto; text-align: center; }
input, button { padding: 10px; margin: 5px; width: 100%; font-size: 16px; box-sizing: border-box; }
button { background: #007cba; color: white; border: none; cursor: pointer; }
.note { font-size: 0.9em; color: #666; }
</style>
</head>
<body>
<h1>ldapdock login</h1>
<p>Server base DN: <strong><?= htmlspecialchars($base_dn) ?></strong></p>
<?= $msg ?>
<form method="post">
<input type="text" name="username" placeholder="Username (marisa or admin)" required autofocus>
<input type="password" name="password" placeholder="Password" required>
<button type="submit">Login</button>
</form>
<hr>
<div class="note">
<strong>Test accounts:</strong><br>
Regular user: <code>marisa</code> / password: <code>MarisaNewPass2025</code><br>
Admin user: <code>admin</code> / password: <code>admin</code>
</div>
</body>
</html>
EOF
ADMIN_DN="cn=admin,${LDAP_BASE_DN}"
ADMIN_PW="admin"
@ -272,6 +360,7 @@ fi
echo "--> ldapdock ready — OpenLDAP + Apache + PHP running"
echo " → LDAP: 389/636"
echo " → PHPinfo: https://localhost/info.php"
echo " → PHPlogin test: https://localhost/phplogin.php"
echo " → Shell: /bin/bash"
echo " → Exit with CTRL+D or 'exit' command"