2023-07-26 07:00:42 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
b64 "encoding/base64"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
|
2023-07-26 11:16:41 +00:00
|
|
|
"github.com/go-ldap/ldap/v3"
|
2023-07-26 07:00:42 +00:00
|
|
|
"github.com/gorilla/mux"
|
|
|
|
)
|
|
|
|
|
2023-07-26 11:03:45 +00:00
|
|
|
func handleLostPassword(w http.ResponseWriter, r *http.Request) {
|
|
|
|
templateLostPasswordPage := getTemplate("passwd/lost.html")
|
|
|
|
if checkLogin(w, r) != nil {
|
|
|
|
http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
|
|
|
|
}
|
|
|
|
|
|
|
|
data := PasswordLostData{
|
|
|
|
Common: NestedCommonTplData{
|
|
|
|
CanAdmin: false,
|
|
|
|
LoggedIn: false},
|
|
|
|
}
|
|
|
|
|
|
|
|
if r.Method == "POST" {
|
|
|
|
r.ParseForm()
|
|
|
|
data.Username = strings.TrimSpace(strings.Join(r.Form["username"], ""))
|
|
|
|
data.Mail = strings.TrimSpace(strings.Join(r.Form["mail"], ""))
|
|
|
|
data.OtherMailbox = strings.TrimSpace(strings.Join(r.Form["othermailbox"], ""))
|
|
|
|
user := User{
|
|
|
|
CN: strings.TrimSpace(strings.Join(r.Form["username"], "")),
|
|
|
|
UID: strings.TrimSpace(strings.Join(r.Form["username"], "")),
|
|
|
|
Mail: strings.TrimSpace(strings.Join(r.Form["mail"], "")),
|
|
|
|
OtherMailbox: strings.TrimSpace(strings.Join(r.Form["othermailbox"], "")),
|
|
|
|
}
|
2023-07-26 11:16:41 +00:00
|
|
|
ldapNewConn, err := openNewUserLdap(config)
|
2023-07-26 11:03:45 +00:00
|
|
|
if err != nil {
|
2023-07-26 11:16:41 +00:00
|
|
|
log.Printf(fmt.Sprintf("handleLostPassword 99 : %v %v", err, ldapNewConn))
|
2023-07-26 11:03:45 +00:00
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
}
|
|
|
|
if err != nil {
|
2023-07-26 11:16:41 +00:00
|
|
|
log.Printf(fmt.Sprintf("handleLostPassword 104 : %v %v", err, ldapNewConn))
|
2023-07-26 11:03:45 +00:00
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
} else {
|
2023-07-26 11:16:41 +00:00
|
|
|
// err = ldapConn.Bind(config.NewUserDN, config.NewUserPassword)
|
2023-07-26 11:03:45 +00:00
|
|
|
if err != nil {
|
2023-07-26 11:16:41 +00:00
|
|
|
log.Printf(fmt.Sprintf("handleLostPassword 109 : %v %v", err, ldapNewConn))
|
2023-07-26 11:03:45 +00:00
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
} else {
|
|
|
|
data.Common.Success = true
|
|
|
|
}
|
|
|
|
}
|
2023-07-26 11:16:41 +00:00
|
|
|
err = passwordLost(user, config, ldapNewConn)
|
2023-07-26 11:03:45 +00:00
|
|
|
}
|
|
|
|
data.Common.CanAdmin = false
|
|
|
|
templateLostPasswordPage.Execute(w, data)
|
|
|
|
}
|
|
|
|
|
2023-07-26 07:00:42 +00:00
|
|
|
func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
|
|
|
|
templateFoundPasswordPage := getTemplate("passwd.html")
|
|
|
|
data := PasswdTplData{
|
|
|
|
Common: NestedCommonTplData{
|
|
|
|
CanAdmin: false,
|
|
|
|
LoggedIn: false},
|
|
|
|
}
|
|
|
|
code := mux.Vars(r)["code"]
|
|
|
|
// code = strings.TrimSpace(strings.Join([]string{code}, ""))
|
|
|
|
newCode, _ := b64.URLEncoding.DecodeString(code)
|
|
|
|
ldapConn, err := openNewUserLdap(config)
|
|
|
|
if err != nil {
|
|
|
|
log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err))
|
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
}
|
|
|
|
codeArray := strings.Split(string(newCode), ";")
|
|
|
|
user := User{
|
|
|
|
UID: codeArray[0],
|
|
|
|
Password: codeArray[1],
|
|
|
|
DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org",
|
|
|
|
}
|
|
|
|
user.SeeAlso, err = passwordFound(user, config, ldapConn)
|
|
|
|
if err != nil {
|
|
|
|
log.Printf("handleFoundPassword / passwordFound %v", err)
|
|
|
|
log.Printf("handleFoundPassword / passwordFound %v", err)
|
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
}
|
|
|
|
if r.Method == "POST" {
|
|
|
|
r.ParseForm()
|
|
|
|
|
|
|
|
password := strings.Join(r.Form["password"], "")
|
|
|
|
password2 := strings.Join(r.Form["password2"], "")
|
|
|
|
|
|
|
|
if len(password) < 8 {
|
|
|
|
data.TooShortError = true
|
|
|
|
} else if password2 != password {
|
|
|
|
data.NoMatchError = true
|
|
|
|
} else {
|
|
|
|
err := passwd(User{
|
|
|
|
DN: user.SeeAlso,
|
|
|
|
Password: password,
|
|
|
|
}, config, ldapConn)
|
|
|
|
if err != nil {
|
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
} else {
|
|
|
|
data.Common.Success = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
data.Common.CanAdmin = false
|
|
|
|
templateFoundPasswordPage.Execute(w, data)
|
|
|
|
}
|
|
|
|
|
|
|
|
func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
|
|
|
templatePasswd := getTemplate("passwd.html")
|
|
|
|
data := &PasswdTplData{
|
|
|
|
Common: NestedCommonTplData{
|
|
|
|
CanAdmin: false,
|
|
|
|
LoggedIn: true,
|
|
|
|
ErrorMessage: "",
|
|
|
|
Success: false,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
login := checkLogin(w, r)
|
|
|
|
if login == nil {
|
2023-07-26 07:02:42 +00:00
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
2023-07-26 07:00:42 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
data.Login.Status = login
|
|
|
|
data.Common.CanAdmin = login.Common.CanAdmin
|
|
|
|
|
|
|
|
if r.Method == "POST" {
|
|
|
|
r.ParseForm()
|
|
|
|
|
|
|
|
password := strings.Join(r.Form["password"], "")
|
|
|
|
password2 := strings.Join(r.Form["password2"], "")
|
|
|
|
|
|
|
|
if len(password) < 8 {
|
|
|
|
data.TooShortError = true
|
|
|
|
} else if password2 != password {
|
|
|
|
data.NoMatchError = true
|
|
|
|
} else {
|
|
|
|
err := passwd(User{
|
|
|
|
DN: login.Info.DN,
|
|
|
|
Password: password,
|
|
|
|
}, config, login.conn)
|
|
|
|
if err != nil {
|
|
|
|
data.Common.ErrorMessage = err.Error()
|
|
|
|
} else {
|
|
|
|
data.Common.Success = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
data.Common.CanAdmin = false
|
|
|
|
templatePasswd.Execute(w, data)
|
|
|
|
}
|