Factoring the model user and correcting password

Chris Mann 2023-07-22 07:36:00 +02:00
parent 46bd43d52b
commit 25522b81fb
5 changed files with 77 additions and 137 deletions


@ -1,5 +1,5 @@
BIN=guichet BIN=guichet
SRC=main.go ssha.go profile.go admin.go invite.go directory.go utils.go picture.go login.go config.go http-utils.go home.go SRC=main.go ssha.go profile.go admin.go invite.go directory.go utils.go picture.go login.go config.go http-utils.go home.go model-user.go
DOCKER=lxpz/guichet_amd64 DOCKER=lxpz/guichet_amd64
all: $(BIN) all: $(BIN)


@ -1031,7 +1031,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
} else if len(data.IdValue) == 0 { } else if len(data.IdValue) == 0 {
data.Error = "No identifier specified" data.Error = "No identifier specified"
} else { } else {
newUser := NewUser{ newUser := User{
DN: data.IdType + "=" + data.IdValue + "," + super_dn, DN: data.IdType + "=" + data.IdValue + "," + super_dn,
} }
// dn := data.IdType + "=" + data.IdValue + "," + super_dn // dn := data.IdType + "=" + data.IdValue + "," + super_dn
@ -1076,7 +1076,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
// req.Attribute("description", []string{data.Description}) // req.Attribute("description", []string{data.Description})
} }
addNewUser(newUser, config, login.conn) add(newUser, config, login.conn)
// err := login.conn.Add(req) // err := login.conn.Add(req)
// // log.Printf(fmt.Sprintf("899: %v",err)) // // log.Printf(fmt.Sprintf("899: %v",err))
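Review bot: The error returned by `add(newUser, config, login.conn)` in handleAdminCreate is discarded, although the same helper's result is checked as an `error` in handleNewAccount in this commit. A rejected LDAP add (duplicate entry, insufficient rights, schema violation) would then go unreported to the administrator, assuming the commented-out `login.conn.Add(req)` path below is no longer what sets the result. Capture it, for example `if err := add(newUser, config, login.conn); err != nil { data.Error = err.Error() }`. The function body continues outside the hunk, so confirm how success is reported after this call.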


@ -147,7 +147,7 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invi
if r.Method == "POST" { if r.Method == "POST" {
r.ParseForm() r.ParseForm()
newUser := NewUser{} newUser := User{}
// login := checkLogin(w, r) // login := checkLogin(w, r)
newUser.CN = fmt.Sprintf("%s@%s", strings.TrimSpace(strings.Join(r.Form["username"], "")), "lesgv.com") newUser.CN = fmt.Sprintf("%s@%s", strings.TrimSpace(strings.Join(r.Form["username"], "")), "lesgv.com")
@ -167,7 +167,11 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invi
} else { } else {
newUser.Password = password2 newUser.Password = password2
l.Bind(config.NewUserDN, config.NewUserPassword) l.Bind(config.NewUserDN, config.NewUserPassword)
data.Success = addNewUser(newUser, config, l) err := add(newUser, config, l)
if err != nil {
data.Success = false
data.ErrorMessage = err.Error()
}
http.Redirect(w, r, "/admin/ldap/"+newUser.DN, http.StatusFound) http.Redirect(w, r, "/admin/ldap/"+newUser.DN, http.StatusFound)
} }
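Review bot: In handleNewAccount the `http.Redirect` after `add(...)` runs whether or not the add failed, so the `data.ErrorMessage` set in the new `if err != nil` branch is unlikely to ever be rendered, and the visitor is sent to `/admin/ldap/<DN>` for an entry that may not exist. The old line assigned `data.Success` from the helper's result; the new code only ever sets it to `false`, so unless it is set elsewhere in the function a successful sign-up no longer marks success. I would move the redirect into an `else` branch: `} else { data.Success = true; http.Redirect(w, r, "/admin/ldap/"+newUser.DN, http.StatusFound) }`. The return value of `l.Bind(config.NewUserDN, config.NewUserPassword)` on the line above is also ignored, so a failed bind only surfaces as a later add error. The function starts and ends outside the hunk.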


@ -8,15 +8,16 @@ import (
) )
type ProfileTplData struct { type ProfileTplData struct {
Status *LoginStatus Status *LoginStatus
ErrorMessage string ErrorMessage string
Success bool Success bool
Mail string Mail string
DisplayName string DisplayName string
GivenName string GivenName string
Surname string Surname string
Description string Description string
} }
//ProfilePicture string //ProfilePicture string
//Visibility string //Visibility string
@ -38,56 +39,70 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
data.DisplayName = login.UserEntry.GetAttributeValue("displayName") data.DisplayName = login.UserEntry.GetAttributeValue("displayName")
data.GivenName = login.UserEntry.GetAttributeValue("givenName") data.GivenName = login.UserEntry.GetAttributeValue("givenName")
data.Surname = login.UserEntry.GetAttributeValue("sn") data.Surname = login.UserEntry.GetAttributeValue("sn")
// data.Visibility = login.UserEntry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY) // data.Visibility = login.UserEntry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY)
data.Description = login.UserEntry.GetAttributeValue("description") data.Description = login.UserEntry.GetAttributeValue("description")
//data.ProfilePicture = login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE) //data.ProfilePicture = login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE)
if r.Method == "POST" { if r.Method == "POST" {
//5MB maximum size files //5MB maximum size files
r.ParseMultipartForm(5 << 20) r.ParseMultipartForm(5 << 20)
data.DisplayName = strings.TrimSpace(strings.Join(r.Form["display_name"], "")) user := User{
data.GivenName = strings.TrimSpace(strings.Join(r.Form["given_name"], "")) DN: login.Info.DN,
data.Surname = strings.TrimSpace(strings.Join(r.Form["surname"], "")) // CN: ,
data.Description = strings.Trim(strings.Join(r.Form["description"], ""), "") GivenName: strings.TrimSpace(strings.Join(r.Form["given_name"], "")),
/* DisplayName: strings.TrimSpace(strings.Join(r.Form["display_name"], "")),
visible := strings.TrimSpace(strings.Join(r.Form["visibility"], "")) Mail: strings.TrimSpace(strings.Join(r.Form["mail"], "")),
if visible != "" { SN: strings.TrimSpace(strings.Join(r.Form["surname"], "")),
visible = "on" //UID: ,
} else { Description: strings.TrimSpace(strings.Join(r.Form["description"], "")),
visible = "off" // Password: ,
}
data.Visibility = visible
*/
/*
profilePicture, err := uploadProfilePicture(w, r, login)
if err != nil {
data.ErrorMessage = err.Error()
} }
if profilePicture != "" { data.DisplayName = user.DisplayName
data.ProfilePicture = profilePicture data.GivenName = user.GivenName
} data.Surname = user.SN
*/ data.Description = user.Description
modify_request := ldap.NewModifyRequest(login.Info.DN, nil) err := modify(user, config, login.conn)
modify_request.Replace("displayname", []string{data.DisplayName})
modify_request.Replace("givenname", []string{data.GivenName})
modify_request.Replace("surname", []string{data.Surname})
modify_request.Replace("description", []string{data.Description})
//modify_request.Replace(FIELD_NAME_DIRECTORY_VISIBILITY, []string{data.Visibility})
//modify_request.Replace(FIELD_NAME_DIRECTORY_VISIBILITY, []string{"on"})
//if data.ProfilePicture != "" {
// modify_request.Replace(FIELD_NAME_PROFILE_PICTURE, []string{data.ProfilePicture})
// }
err := login.conn.Modify(modify_request)
// log.Printf(fmt.Sprintf("Profile:079: %v",modify_request))
// log.Printf(fmt.Sprintf("Profile:079: %v",err))
// log.Printf(fmt.Sprintf("Profile:079: %v",data))
if err != nil { if err != nil {
data.ErrorMessage = err.Error() data.ErrorMessage = "handleProfile : " + err.Error()
} else { } else {
data.Success = true data.Success = true
} }
/*
visible := strings.TrimSpace(strings.Join(r.Form["visibility"], ""))
if visible != "" {
visible = "on"
} else {
visible = "off"
}
data.Visibility = visible
*/
/*
profilePicture, err := uploadProfilePicture(w, r, login)
if err != nil {
data.ErrorMessage = err.Error()
}
if profilePicture != "" {
data.ProfilePicture = profilePicture
}
*/
//modify_request.Replace(FIELD_NAME_DIRECTORY_VISIBILITY, []string{data.Visibility})
//modify_request.Replace(FIELD_NAME_DIRECTORY_VISIBILITY, []string{"on"})
//if data.ProfilePicture != "" {
// modify_request.Replace(FIELD_NAME_PROFILE_PICTURE, []string{data.ProfilePicture})
// }
// err := login.conn.Modify(modify_request)
// log.Printf(fmt.Sprintf("Profile:079: %v",modify_request))
// log.Printf(fmt.Sprintf("Profile:079: %v",err))
// log.Printf(fmt.Sprintf("Profile:079: %v",data))
// if err != nil {
// data.ErrorMessage = err.Error()
// } else {
// data.Success = true
// }
} }
templateProfile.Execute(w, data) templateProfile.Execute(w, data)
@ -126,13 +141,13 @@ func handlePasswd(w http.ResponseWriter, r *http.Request) {
} else if password2 != password { } else if password2 != password {
data.NoMatchError = true data.NoMatchError = true
} else { } else {
passwordModifyRequest := ldap.NewPasswordModifyRequest(login.Info.DN,"",password) passwordModifyRequest := ldap.NewPasswordModifyRequest(login.Info.DN, "", password)
_, err := login.conn.PasswordModify(passwordModifyRequest) _, err := login.conn.PasswordModify(passwordModifyRequest)
if err != nil { if err != nil {
data.ErrorMessage = err.Error() data.ErrorMessage = err.Error()
} else { } else {
data.Success = true data.Success = true
} }
} }
} }
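Review bot: The new `User{...}` literal in handleProfile fills `Mail` from `r.Form["mail"]`, while the code it replaces only ever wrote displayname, givenname, surname and description. `modify` is not shown on this page; if it writes every non-empty field, any logged-in user can now rewrite their own `mail` attribute by posting an extra form field, which matters wherever that address is trusted for identity or account recovery. Either leave `Mail` out of the literal or validate it server-side before calling `modify`, and document on `modify` which attributes it replaces and how it treats empty strings (a user may otherwise be unable to clear a description). Separately, `"handleProfile : " + err.Error()` returns the raw directory error to the browser; logging it and showing a generic message would avoid leaking LDAP details.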


@ -10,18 +10,6 @@ import (
"golang.org/x/text/encoding/unicode" "golang.org/x/text/encoding/unicode"
) )
type NewUser struct {
DN string
CN string
GivenName string
DisplayName string
Mail string
SN string
UID string
Description string
Password string
}
func openLdap(config ConfigFile) *ldap.Conn { func openLdap(config ConfigFile) *ldap.Conn {
l, err := ldap.DialURL(config.LdapServerAddr) l, err := ldap.DialURL(config.LdapServerAddr)
if err != nil { if err != nil {
@ -40,70 +28,3 @@ func suggestPassword() string {
} }
return password return password
} }
func addNewUser(newUser NewUser, config *ConfigFile, ldapConn *ldap.Conn) bool {
log.Printf(fmt.Sprint("Adding New User"))
// l, _ := ldap.DialURL(config.LdapServerAddr)
// l.Bind(config.NewUserDN, config.NewUserPassword)
// err := l.StartTLS(&tls.Config{InsecureSkipVerify: true})
// if err != nil {
// log.Printf(fmt.Sprintf("86: %v", err))
// }
// l.Bind(config.)
dn := newUser.DN
req := ldap.NewAddRequest(dn, nil)
req.Attribute("objectClass", []string{"top", "inetOrgPerson"})
if newUser.DisplayName != "" {
req.Attribute("displayName", []string{newUser.DisplayName})
}
if newUser.GivenName != "" {
req.Attribute("givenName", []string{newUser.GivenName})
}
if newUser.Mail != "" {
req.Attribute("mail", []string{newUser.Mail})
}
if newUser.UID != "" {
req.Attribute("uid", []string{newUser.UID})
}
// if newUser.Member != "" {
// req.Attribute("member", []string{newUser.Member})
// }
if newUser.SN != "" {
req.Attribute("sn", []string{newUser.SN})
}
if newUser.Description != "" {
req.Attribute("description", []string{newUser.Description})
}
if newUser.Password != "" {
pwdEncoded, _ := encodePassword(newUser.Password)
// if err != nil {
// log.Printf("Error encoding password: %s", err)
// return err
// }
req.Attribute("userPassword", []string{pwdEncoded})
}
// conn :=
err := ldapConn.Add(req)
log.Printf(fmt.Sprintf("71: %v", err))
log.Printf(fmt.Sprintf("72: %v", req))
log.Printf(fmt.Sprintf("73: %v", newUser))
if err != nil {
log.Printf(fmt.Sprintf("86: %v", err))
return false
} else {
return true
}
}
func encodePassword(inPassword string) (string, error) {
utf16 := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM)
return utf16.NewEncoder().String("\"" + inPassword + "\"")
// if err != nil {
// log.Printf("Error encoding password: %s", err)
// return err
// }
}