Hi.
I use yii2-adldap-module by Edvler for user authentication through AD in Yii2.
I set up config/main.php like the readme example, then in LoginForm model change validatePassword() method on:
public function validatePassword($attribute, $params)
{
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !Yii::$app->ldap->authenticate($this->username, $this->password, true)) {
$this->addError($attribute, 'Incorrect username or password.');
}
}
}
As well I changed this:
protected function getUser()
{
if ($this->_user === null) {
$this->_user = User::findInLdap($this->username);
}
return $this->_user;
}
public static function findInLdap($username)
{
if (!$user = static::findOne(['username' => $username])) {
$user = new User();
}
if ($user_ldap = Yii::$app->ldap->users()->find($username)) {
$user->username = $user_ldap->samaccountname[0];
//other code
}
return $user->save() ? $user : null;
}
Now after login validation is performed and user object is created, but all operations ran under the administrator credentials in config/main.php.
What am I doing wrong?