This commit is contained in:
Chris Mann 2023-07-23 13:37:20 +02:00
parent f59f40b6e6
commit 01601a3842
3 changed files with 30 additions and 5 deletions

10
gpas.go
View file

@ -83,7 +83,7 @@ func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error {
return nil return nil
} }
func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (bool, error) { func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (string, error) {
l, err := openLdap(config) l, err := openLdap(config)
if err != nil { if err != nil {
return false, err return false, err
@ -96,8 +96,10 @@ func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (bool, er
log.Printf("passwordFound %v", err) log.Printf("passwordFound %v", err)
log.Printf("passwordFound %v", user.DN) log.Printf("passwordFound %v", user.DN)
log.Printf("passwordFound %v", user.UID) log.Printf("passwordFound %v", user.UID)
log.Printf("passwordFound %v", user.Password) return "", err
return false, err
} }
return true, nil searchReq := ldap.NewSearchRequest(user.DN, ldap.ScopeBaseObject,
ldap.NeverDerefAliases, 0, 0, false, "", []string{"seeAlso"}, nil)
searchRes, _ := ldapConn.Search(searchReq)
return searchRes.Entries[0].GetAttributeValue("seeAlso"), nil
} }

View file

@ -28,6 +28,7 @@ type User struct {
CanAdmin bool CanAdmin bool
CanInvite bool CanInvite bool
UserEntry *ldap.Entry UserEntry *ldap.Entry
SeeAlso string
} }
func get(user User, config *ConfigFile, ldapConn *ldap.Conn) (*User, error) { func get(user User, config *ConfigFile, ldapConn *ldap.Conn) (*User, error) {

View file

@ -144,12 +144,34 @@ func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
Password: codeArray[1], Password: codeArray[1],
DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org", DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org",
} }
data.Success, err = passwordFound(user, config, ldapConn) dn, err = passwordFound(user, config, ldapConn)
if err != nil { if err != nil {
log.Printf("handleFoundPassword / passwordFound %v", err) log.Printf("handleFoundPassword / passwordFound %v", err)
log.Printf("handleFoundPassword / passwordFound %v", err) log.Printf("handleFoundPassword / passwordFound %v", err)
data.ErrorMessage = err.Error() data.ErrorMessage = err.Error()
} }
if r.Method == "POST" {
r.ParseForm()
password := strings.Join(r.Form["password"], "")
password2 := strings.Join(r.Form["password2"], "")
if len(password) < 8 {
data.TooShortError = true
} else if password2 != password {
data.NoMatchError = true
} else {
err := passwd(User{
DN: user.SeeAlso,
Password: password,
}, config, ldapConn)
if err != nil {
data.ErrorMessage = err.Error()
} else {
data.Success = true
}
}
}
templateFoundPasswordPage.Execute(w, data) templateFoundPasswordPage.Execute(w, data)
} }