From 7f3383944b6c55cfdd7a3956c9c9e8689c1ea9a0 Mon Sep 17 00:00:00 2001
From: Chris Mann
Date: Wed, 26 Jul 2023 13:03:45 +0200
Subject: [PATCH] Refactoring

---
 model-passwd.go | 8 ++++----
 utils.go | 1 +
 view-invite.go | 46 ----------------------------------------------
 view-passwd.go | 45 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 50 insertions(+), 50 deletions(-)

diff --git a/model-passwd.go b/model-passwd.go
index 8ab3839..08d7de3 100644
--- a/model-passwd.go
+++ b/model-passwd.go
@@ -64,7 +64,7 @@ func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error {
 // Préparation du courriel à envoyer
 user.Password = suggestPassword()
 code := b64.URLEncoding.EncodeToString([]byte(user.UID + ";" + user.Password))
- user.DN = "uid=" + searchRes.Entries[0].GetAttributeValue("cn") + ",ou=invitations,dc=resdigita,dc=org"
+ user.DN = "uid=" + searchRes.Entries[0].GetAttributeValue("cn") + "," + config.InvitationBaseDN
 user.UID = searchRes.Entries[0].GetAttributeValue("cn")
 user.CN = searchRes.Entries[0].GetAttributeValue("cn")
 user.Mail = searchRes.Entries[0].GetAttributeValue("mail")
@@ -81,11 +81,11 @@ func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error {
 if len(searchRes.Entries) == 0 {
 /* Add the invitation */
 addReq := ldap.NewAddRequest(
- user.DN,
+ "uid="+searchRes.Entries[0].GetAttributeValue("cn")+","+config.InvitationBaseDN,
 nil)
 addReq.Attribute("objectClass", []string{"top", "account", "simpleSecurityObject"})
- addReq.Attribute("uid", []string{user.UID})
- addReq.Attribute("userPassword", []string{"absdefghi"})
+ addReq.Attribute("uid", []string{searchRes.Entries[0].GetAttributeValue("cn")})
+ addReq.Attribute("userPassword", []string{suggestPassword()})
 addReq.Attribute("seeAlso", []string{config.UserNameAttr + "=" + user.UID + "," + config.UserBaseDN})
 err = ldapConn.Add(addReq)
 if err != nil {
diff --git a/utils.go b/utils.go
index 8c75184..152d765 100644
--- a/utils.go
+++ b/utils.go
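Review bot: In the second hunk of model-passwd.go, the new `ldap.NewAddRequest` argument and the new `uid` attribute both index `searchRes.Entries[0]` inside the `if len(searchRes.Entries) == 0` branch, so this path panics with an index-out-of-range error whenever it is taken. The first hunk already stores the same DN in `user.DN` and the cn in `user.UID`, so the request can keep `user.DN,` and `addReq.Attribute("uid", []string{user.UID})`. The cn is also concatenated into the DN unescaped in both hunks; a value containing `,` or `+` would name a different entry than intended, so it should be escaped or validated before use. `passwordLost` starts and ends outside these hunks, so whether `searchRes` is reassigned between them is not visible.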
@@ -43,6 +43,7 @@ func openLdap(config *ConfigFile) (*ldap.Conn, error) {
 // }
 }
 
+// Suggesting a 12 char password with some excentrics
 func suggestPassword() string {
 password := ""
 chars := "abcdfghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*+_-="
diff --git a/view-invite.go b/view-invite.go
index 8aba12f..bb1ff03 100644
--- a/view-invite.go
+++ b/view-invite.go
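Review bot: The comment added above `suggestPassword` in utils.go does not follow Go doc-comment form and does not tell a caller what the function guarantees; if 12 is indeed the length, `// suggestPassword returns a 12-character random password drawn from chars.` would read better. The function body continues outside the hunk, so the random source is not visible. Because this commit also starts storing the result as the LDAP `userPassword`, it is worth confirming that the function reads from `crypto/rand` rather than `math/rand`. The context line shows the alphabet skipping `e` (`abcdfgh…`), which looks unintentional.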
@@ -56,52 +56,6 @@ func openNewUserLdap(config *ConfigFile) (*ldap.Conn, error) {
 return l, err
 }
 
-func handleLostPassword(w http.ResponseWriter, r *http.Request) {
- templateLostPasswordPage := getTemplate("passwd/lost.html")
- if checkLogin(w, r) != nil {
- http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
- }
-
- data := PasswordLostData{
- Common: NestedCommonTplData{
- CanAdmin: false,
- LoggedIn: false},
- }
-
- if r.Method == "POST" {
- r.ParseForm()
- data.Username = strings.TrimSpace(strings.Join(r.Form["username"], ""))
- data.Mail = strings.TrimSpace(strings.Join(r.Form["mail"], ""))
- data.OtherMailbox = strings.TrimSpace(strings.Join(r.Form["othermailbox"], ""))
- user := User{
- CN: strings.TrimSpace(strings.Join(r.Form["username"], "")),
- UID: strings.TrimSpace(strings.Join(r.Form["username"], "")),
- Mail: strings.TrimSpace(strings.Join(r.Form["mail"], "")),
- OtherMailbox: strings.TrimSpace(strings.Join(r.Form["othermailbox"], "")),
- }
- ldapConn, err := openNewUserLdap(config)
- if err != nil {
- log.Printf(fmt.Sprintf("handleLostPassword 99 : %v %v", err, ldapConn))
- data.Common.ErrorMessage = err.Error()
- }
- err = passwordLost(user, config, ldapConn)
- if err != nil {
- log.Printf(fmt.Sprintf("handleLostPassword 104 : %v %v", err, ldapConn))
- data.Common.ErrorMessage = err.Error()
- } else {
- err = ldapConn.Bind(config.NewUserDN, config.NewUserPassword)
- if err != nil {
- log.Printf(fmt.Sprintf("handleLostPassword 109 : %v %v", err, ldapConn))
- data.Common.ErrorMessage = err.Error()
- } else {
- data.Common.Success = true
- }
- }
- }
- data.Common.CanAdmin = false
- templateLostPasswordPage.Execute(w, data)
-}
-
 func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
 l, err := ldapOpen(w)
 if err != nil {
diff --git a/view-passwd.go b/view-passwd.go
index c79e873..ffcc7ff 100644
--- a/view-passwd.go
+++ b/view-passwd.go
@@ -10,6 +10,51 @@ import (
 "github.com/gorilla/mux"
 )
 
+func handleLostPassword(w http.ResponseWriter, r *http.Request) {
+ templateLostPasswordPage := getTemplate("passwd/lost.html")
+ if checkLogin(w, r) != nil {
+ http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+ }
+
+ data := PasswordLostData{
+ Common: NestedCommonTplData{
+ CanAdmin: false,
+ LoggedIn: false},
+ }
+
+ if r.Method == "POST" {
+ r.ParseForm()
+ data.Username = strings.TrimSpace(strings.Join(r.Form["username"], ""))
+ data.Mail = strings.TrimSpace(strings.Join(r.Form["mail"], ""))
+ data.OtherMailbox = strings.TrimSpace(strings.Join(r.Form["othermailbox"], ""))
+ user := User{
+ CN: strings.TrimSpace(strings.Join(r.Form["username"], "")),
+ UID: strings.TrimSpace(strings.Join(r.Form["username"], "")),
+ Mail: strings.TrimSpace(strings.Join(r.Form["mail"], "")),
+ OtherMailbox: strings.TrimSpace(strings.Join(r.Form["othermailbox"], "")),
+ }
+ ldapConn, err := openNewUserLdap(config)
+ if err != nil {
+ log.Printf(fmt.Sprintf("handleLostPassword 99 : %v %v", err, ldapConn))
+ data.Common.ErrorMessage = err.Error()
+ }
+ if err != nil {
+ log.Printf(fmt.Sprintf("handleLostPassword 104 : %v %v", err, ldapConn))
+ data.Common.ErrorMessage = err.Error()
+ } else {
+ err = ldapConn.Bind(config.NewUserDN, config.NewUserPassword)
+ if err != nil {
+ log.Printf(fmt.Sprintf("handleLostPassword 109 : %v %v", err, ldapConn))
+ data.Common.ErrorMessage = err.Error()
+ } else {
+ data.Common.Success = true
+ }
+ }
+ }
+ data.Common.CanAdmin = false
+ templateLostPasswordPage.Execute(w, data)
+}
+
 func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
 templateFoundPasswordPage := getTemplate("passwd.html")
 data := PasswdTplData{
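Review bot: The copy of `handleLostPassword` added to view-passwd.go is missing the `err = passwordLost(user, config, ldapConn)` call that the version removed from view-invite.go had between the two `if err != nil` checks. As written, `user` is declared but never used, which the Go compiler rejects, and the second check only re-tests the error from `openNewUserLdap`, so the lost-password step would never run even if the file built. Restore the call, and `return` (or skip ahead to rendering) after a failed `openNewUserLdap` so that a failed connection is not passed on to `passwordLost`. The `http.Redirect` at the top also has no `return` after it, so the handler keeps running and renders the form on a response it has already redirected.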