diff --git a/gpas.go b/gpas.go index 32525f6..1bf61e2 100644 --- a/gpas.go +++ b/gpas.go @@ -84,7 +84,7 @@ func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error { } func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (bool, error) { - l := openLdap(*config) + l := openLdap(config) err := l.Bind(user.DN, user.Password) if err != nil { return false, err diff --git a/invite.go b/invite.go index 5a5a0d7..aba1431 100644 --- a/invite.go +++ b/invite.go @@ -46,12 +46,6 @@ type PasswordFoundData struct { OtherMailbox string } -func handleFoundPassword(w http.ResponseWriter, r *http.Request) { - templateFoundPasswordPage := getTemplate("passwd.html") - data := PasswordFoundData{} - templateFoundPasswordPage.Execute(w, data) -} - type PasswordLostData struct { ErrorMessage string Success bool @@ -60,19 +54,20 @@ type PasswordLostData struct { OtherMailbox string } +func openNewUserLdap(config *ConfigFile) (*ldap.Conn, error) { + l := openLdap(config) + err := l.Bind(config.NewUserDN, config.NewUserPassword) + if err != nil { + log.Printf(fmt.Sprintf("openNewUserLdap : %v %v", err, l)) + // data.ErrorMessage = err.Error() + } + return l, err +} + func handleLostPassword(w http.ResponseWriter, r *http.Request) { templateLostPasswordPage := getTemplate("password_lost.html") data := PasswordLostData{} - l, err := ldapOpen(w) - if err != nil { - log.Printf(fmt.Sprintf("handleLostPassword : %v %v", err, l)) - data.ErrorMessage = err.Error() - } - err = l.Bind(config.NewUserDN, config.NewUserPassword) - if err != nil { - log.Printf(fmt.Sprintf("handleLostPassword : %v %v", err, l)) - data.ErrorMessage = err.Error() - } + if r.Method == "POST" { r.ParseForm() data.Username = strings.TrimSpace(strings.Join(r.Form["username"], "")) @@ -83,10 +78,15 @@ func handleLostPassword(w http.ResponseWriter, r *http.Request) { Mail: data.Mail, OtherMailbox: data.OtherMailbox, } - err = passwordLost(user, config, l) - err = l.Bind(config.NewUserDN, config.NewUserPassword) + ldapConn, err := openNewUserLdap(config) if err != nil { - log.Printf(fmt.Sprintf("handleLostPassword : %v %v", err, l)) + log.Printf(fmt.Sprintf("handleLostPassword : %v %v", err, ldapConn)) + data.ErrorMessage = err.Error() + } + err = passwordLost(user, config, ldapConn) + err = ldapConn.Bind(config.NewUserDN, config.NewUserPassword) + if err != nil { + log.Printf(fmt.Sprintf("handleLostPassword : %v %v", err, ldapConn)) data.ErrorMessage = err.Error() } else { data.Success = true diff --git a/profile.go b/profile.go index 0119bcc..d6dbc3e 100644 --- a/profile.go +++ b/profile.go @@ -1,8 +1,13 @@ package main import ( + b64 "encoding/base64" + "fmt" + "log" "net/http" "strings" + + "github.com/gorilla/mux" ) type ProfileTplData struct { @@ -122,6 +127,30 @@ type PasswdTplData struct { Success bool } +func handleFoundPassword(w http.ResponseWriter, r *http.Request) { + templateFoundPasswordPage := getTemplate("passwd.html") + data := PasswdTplData{} + code := mux.Vars(r)["code"] + // code = strings.TrimSpace(strings.Join([]string{code}, "")) + newCode, _ := b64.URLEncoding.DecodeString(code) + ldapConn, err := openNewUserLdap(config) + if err != nil { + log.Printf(fmt.Sprint("handleFoundPassword %v", err)) + data.ErrorMessage = err.Error() + } + codeArray := strings.Split(string(newCode), ";") + user := User{ + UID: codeArray[0], + Password: codeArray[1], + } + data.Success, err = passwordFound(user, config, ldapConn) + if err != nil { + log.Printf(fmt.Sprint("handleFoundPassword %v", err)) + data.ErrorMessage = err.Error() + } + templateFoundPasswordPage.Execute(w, data) +} + func handlePasswd(w http.ResponseWriter, r *http.Request) { templatePasswd := getTemplate("passwd.html") diff --git a/utils.go b/utils.go index 902d090..1a99a26 100644 --- a/utils.go +++ b/utils.go @@ -10,7 +10,7 @@ import ( // "golang.org/x/text/encoding/unicode" ) -func openLdap(config ConfigFile) *ldap.Conn { +func openLdap(config *ConfigFile) *ldap.Conn { l, err := ldap.DialURL(config.LdapServerAddr) if err != nil { log.Printf(fmt.Sprint("Erreur connect LDAP %v", err))