guichet/view-passwd.go

157 lines
4.2 KiB
Go
Raw Normal View History

2023-07-26 07:00:42 +00:00
package main
import (
b64 "encoding/base64"
"fmt"
"log"
"net/http"
"strings"
2023-07-26 11:16:41 +00:00
"github.com/go-ldap/ldap/v3"
2023-07-26 07:00:42 +00:00
"github.com/gorilla/mux"
)
2023-07-26 11:03:45 +00:00
func handleLostPassword(w http.ResponseWriter, r *http.Request) {
templateLostPasswordPage := getTemplate("passwd/lost.html")
if checkLogin(w, r) != nil {
http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
}
data := PasswordLostData{
Common: NestedCommonTplData{
CanAdmin: false,
LoggedIn: false},
}
if r.Method == "POST" {
r.ParseForm()
data.Username = strings.TrimSpace(strings.Join(r.Form["username"], ""))
data.Mail = strings.TrimSpace(strings.Join(r.Form["mail"], ""))
data.OtherMailbox = strings.TrimSpace(strings.Join(r.Form["othermailbox"], ""))
user := User{
CN: strings.TrimSpace(strings.Join(r.Form["username"], "")),
UID: strings.TrimSpace(strings.Join(r.Form["username"], "")),
Mail: strings.TrimSpace(strings.Join(r.Form["mail"], "")),
OtherMailbox: strings.TrimSpace(strings.Join(r.Form["othermailbox"], "")),
}
2023-07-26 11:16:41 +00:00
ldapNewConn, err := openNewUserLdap(config)
2023-07-26 11:03:45 +00:00
if err != nil {
2023-07-26 11:16:41 +00:00
log.Printf(fmt.Sprintf("handleLostPassword 99 : %v %v", err, ldapNewConn))
2023-07-26 11:03:45 +00:00
data.Common.ErrorMessage = err.Error()
}
if err != nil {
2023-07-26 11:16:41 +00:00
log.Printf(fmt.Sprintf("handleLostPassword 104 : %v %v", err, ldapNewConn))
2023-07-26 11:03:45 +00:00
data.Common.ErrorMessage = err.Error()
} else {
2023-07-26 11:16:41 +00:00
// err = ldapConn.Bind(config.NewUserDN, config.NewUserPassword)
2023-07-26 11:03:45 +00:00
if err != nil {
2023-07-26 11:16:41 +00:00
log.Printf(fmt.Sprintf("handleLostPassword 109 : %v %v", err, ldapNewConn))
2023-07-26 11:03:45 +00:00
data.Common.ErrorMessage = err.Error()
} else {
data.Common.Success = true
}
}
2023-07-26 11:16:41 +00:00
err = passwordLost(user, config, ldapNewConn)
2023-07-26 11:03:45 +00:00
}
data.Common.CanAdmin = false
templateLostPasswordPage.Execute(w, data)
}
2023-07-26 07:00:42 +00:00
func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
templateFoundPasswordPage := getTemplate("passwd.html")
data := PasswdTplData{
Common: NestedCommonTplData{
CanAdmin: false,
LoggedIn: false},
}
code := mux.Vars(r)["code"]
// code = strings.TrimSpace(strings.Join([]string{code}, ""))
newCode, _ := b64.URLEncoding.DecodeString(code)
ldapConn, err := openNewUserLdap(config)
if err != nil {
log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err))
data.Common.ErrorMessage = err.Error()
}
codeArray := strings.Split(string(newCode), ";")
user := User{
UID: codeArray[0],
Password: codeArray[1],
DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org",
}
user.SeeAlso, err = passwordFound(user, config, ldapConn)
if err != nil {
log.Printf("handleFoundPassword / passwordFound %v", err)
log.Printf("handleFoundPassword / passwordFound %v", err)
data.Common.ErrorMessage = err.Error()
}
if r.Method == "POST" {
r.ParseForm()
password := strings.Join(r.Form["password"], "")
password2 := strings.Join(r.Form["password2"], "")
if len(password) < 8 {
data.TooShortError = true
} else if password2 != password {
data.NoMatchError = true
} else {
err := passwd(User{
DN: user.SeeAlso,
Password: password,
}, config, ldapConn)
if err != nil {
data.Common.ErrorMessage = err.Error()
} else {
data.Common.Success = true
}
}
}
data.Common.CanAdmin = false
templateFoundPasswordPage.Execute(w, data)
}
func handlePasswd(w http.ResponseWriter, r *http.Request) {
templatePasswd := getTemplate("passwd.html")
data := &PasswdTplData{
Common: NestedCommonTplData{
CanAdmin: false,
LoggedIn: true,
ErrorMessage: "",
Success: false,
},
}
login := checkLogin(w, r)
if login == nil {
2023-07-26 07:02:42 +00:00
http.Redirect(w, r, "/", http.StatusFound)
2023-07-26 07:00:42 +00:00
return
}
data.Login.Status = login
data.Common.CanAdmin = login.Common.CanAdmin
if r.Method == "POST" {
r.ParseForm()
password := strings.Join(r.Form["password"], "")
password2 := strings.Join(r.Form["password2"], "")
if len(password) < 8 {
data.TooShortError = true
} else if password2 != password {
data.NoMatchError = true
} else {
err := passwd(User{
DN: login.Info.DN,
Password: password,
}, config, login.conn)
if err != nil {
data.Common.ErrorMessage = err.Error()
} else {
data.Common.Success = true
}
}
}
data.Common.CanAdmin = false
templatePasswd.Execute(w, data)
}