feat(auth): verify ldap config before trying to connect

2026-03-12 01:59:34 -05:00 · 2025-01-27 15:26:07 +01:00
parent 36185f55ee
commit 03412dd358
2 changed files with 29 additions and 6 deletions
--- a/pkg/initialize/init.go
+++ b/pkg/initialize/init.go
@@ -82,11 +82,7 @@ func FullInitWithoutAsync() {
 	mail.StartMailDaemon()

 	// Connect to ldap if enabled
-	l, err := ldap.ConnectAndBindToLDAPDirectory()
-	if err != nil {
-		log.Fatalf("Could not bind to LDAP server: %s", err)
-	}
-	_ = l.Close()
+	ldap.InitializeLDAPConnection()
 }

 // FullInit initializes all kinds of things in the right order
--- a/pkg/modules/auth/ldap/ldap.go
+++ b/pkg/modules/auth/ldap/ldap.go
@@ -29,11 +29,38 @@ import (
 	"xorm.io/xorm"
 )

-func ConnectAndBindToLDAPDirectory() (l *ldap.Conn, err error) {
+func InitializeLDAPConnection() {
 	if !config.AuthLdapEnabled.GetBool() {
 		return
 	}

+	if config.AuthLdapHost.GetString() == "" {
+		log.Fatal("LDAP host is not configured")
+	}
+	if config.AuthLdapPort.GetInt() == 0 {
+		log.Fatal("LDAP port is not configured")
+	}
+	if config.AuthLdapBaseDN.GetString() == "" {
+		log.Fatal("LDAP base DN is not configured")
+	}
+	if config.AuthLdapBindDN.GetString() == "" {
+		log.Fatal("LDAP bind DN is not configured")
+	}
+	if config.AuthLdapBindPassword.GetString() == "" {
+		log.Fatal("LDAP bind password is not configured")
+	}
+	if config.AuthLdapUserFilter.GetString() == "" {
+		log.Fatal("LDAP user filter is not configured")
+	}
+
+	l, err := ConnectAndBindToLDAPDirectory()
+	if err != nil {
+		log.Fatalf("Could not bind to LDAP server: %s", err)
+	}
+	_ = l.Close()
+}
+
+func ConnectAndBindToLDAPDirectory() (l *ldap.Conn, err error) {
 	var protocol = "ldap"
 	if config.AuthLdapUseTLS.GetBool() {
 		protocol = "ldaps"