use LDAP filter strings

internal/server/routes.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/gin-gonic/gin"
 	wgportal "github.com/h44z/wg-portal"
-	"github.com/h44z/wg-portal/internal/authentication"
 	_ "github.com/h44z/wg-portal/internal/server/docs" // docs is generated by Swag CLI, you have to import it.
 	ginSwagger "github.com/swaggo/gin-swagger"
 	"github.com/swaggo/gin-swagger/swaggerFiles"
@@ -162,28 +161,16 @@ func (s *Server) RequireApiAuthentication(scope string) gin.HandlerFunc {
 			return
 		}
 
-		// Check user database for an matching entry
-		var loginProvider authentication.AuthProvider
-		user := s.users.GetUser(username) // retrieve active candidate user from db
-		if user == nil || user.Email == "" {
+		// Check all available auth backends
+		user, err := s.checkAuthentication(username, password)
+		if err != nil {
 			c.Abort()
-			c.JSON(http.StatusUnauthorized, ApiError{Message: "unauthorized"})
+			c.JSON(http.StatusInternalServerError, ApiError{Message: "login error"})
 			return
 		}
 
-		loginProvider = s.auth.GetProvider(string(user.Source))
-		if loginProvider == nil {
-			c.Abort()
-			c.JSON(http.StatusUnauthorized, ApiError{Message: "unauthorized"})
-			return
-		}
-		authEmail, err := loginProvider.Login(&authentication.AuthContext{
-			Username: username,
-			Password: password,
-		})
-
-		// Test if authentication succeeded
-		if err != nil || authEmail == "" {
+		// Check if user is authenticated
+		if user == nil {
 			c.Abort()
 			c.JSON(http.StatusUnauthorized, ApiError{Message: "unauthorized"})
 			return