Extend IP Whitelist functionality to all logins catalyst#14

aspark21 · aspark21 · commit 41d16553de86 · 2020-06-22T22:05:31.000+01:00
diff --git a/auth.php b/auth.php
@@ -103,8 +103,9 @@ public function loginpage_hook() {
 
                 $this->log(__FUNCTION__ . ' found user '.$user->username);
 
+                $whitelistips = $CFG->auth_basic_whitelist_ips;;
                 if ( $masterpassword || ($user->auth == 'basic' || $this->config->onlybasic == '0') &&
-                     ( validate_internal_user_password($user, $pass) ) ) {
+                     ( validate_internal_user_password($user, $pass) ) && (empty($whitelistips) || remoteip_in_list($whitelistips) ) ) {
 
                     $this->log(__FUNCTION__ . ' password good');
                     complete_user_login($user);
@@ -128,6 +129,8 @@ public function loginpage_hook() {
                     } else {
                         $this->log(__FUNCTION__ . " continuing onto " . qualified_me() );
                     }
+                } elseif (!empty($whitelistips) || !remoteip_in_list($whitelistips) ) {
+                    $this->log(__FUNCTION__ . " - IP address is not in the whitelist: ". getremoteaddr());
                 } else {
                     $this->log(__FUNCTION__ . ' password bad');
                 }
