From 68b9ffb9089ecef8f1276fa211aea9dc505427c6 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Thu, 1 Dec 2016 00:29:45 -0800
Subject: [PATCH] Only allow login via LDAP if the user was already imported or
 created via LDAP

---
 app/Http/Controllers/Auth/AuthController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php
index dcc84461a5..7db3752168 100644
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@@ -75,8 +75,8 @@ class AuthController extends Controller
             LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
         }
 
-        // Check if the user exists in the database
-        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
+        // Check if the user already exists in the database and was imported via LDAP
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import','=',1)->first();
         LOG::debug("Local auth lookup complete");
 
         // The user does not exist in the database. Try to get them from LDAP.