From f87aa1a63f62a345f313b994ad2436a55ac881ea Mon Sep 17 00:00:00 2001 From: Chris Mann Date: Wed, 26 Jul 2023 09:00:42 +0200 Subject: [PATCH] Refactoring --- Makefile | 2 +- controller.go | 2 +- view-passwd.go | 279 +++++++++++++++++++------------------------------ view-user.go | 113 ++------------------ 4 files changed, 119 insertions(+), 277 deletions(-) diff --git a/Makefile b/Makefile index 05a0e0d..4c680bb 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ BIN=guichet -SRC=main.go model.go view.go controller.go utils.go model-user.go view-admin.go view-home.go view-invite.go view-login.go view-passwd.go view-user.go utils-http.go utils-ldap.go utils-config.go directory.go garage.go picture.go session.go utils-ssha.go +SRC=main.go model.go view.go controller.go utils.go model-user.go model-passwd.go view-admin.go view-home.go view-invite.go view-login.go view-passwd.go view-user.go utils-http.go utils-ldap.go utils-config.go directory.go garage.go picture.go session.go utils-ssha.go # ssha.go profile.go admin.go invite.go directory.go utils.go picture.go login.go config.go http-utils.go home.go model-user.go gpas.go session.go model.go view.go controller.go utils-ldap.go diff --git a/controller.go b/controller.go index 2ddee28..03b3119 100644 --- a/controller.go +++ b/controller.go @@ -65,7 +65,7 @@ func makeGVRouter() (*mux.Router, error) { r.HandleFunc("/session/logout", handleLogout) - r.HandleFunc("/user", handleProfile) + r.HandleFunc("/user", handleUser) r.HandleFunc("/user/new", handleInviteNewAccount) r.HandleFunc("/picture/{name}", handleDownloadPicture) diff --git a/view-passwd.go b/view-passwd.go index 415ddab..d1140d3 100644 --- a/view-passwd.go +++ b/view-passwd.go @@ -1,169 +1,110 @@ -/* -gpas is GVoisin password reset -*/ - -package main - -import ( - "bytes" - "errors" - "fmt" - "html/template" - "log" - - // "github.com/emersion/go-sasl" - // "github.com/emersion/go-smtp" - "net/smtp" - - "github.com/go-ldap/ldap/v3" - // "strings" - b64 "encoding/base64" -) - -// type InvitationAccount struct { -// UID string -// Password string -// BaseDN string -// } - -// var EMAIL_REGEXP := regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$") - -func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error { - if user.CN == "" && user.Mail == "" && user.OtherMailbox == "" { - return errors.New("Il n'y a pas de quoi identifier l'utilisateur") - } - searchFilter := "(|" - if user.CN != "" { - searchFilter += "(cn=" + user.UID + ")" - } - if user.Mail != "" { - searchFilter += "(mail=" + user.Mail + ")" - } - if user.OtherMailbox != "" { - searchFilter += "(carLicense=" + user.OtherMailbox + ")" - } - searchFilter += ")" - searchReq := ldap.NewSearchRequest(config.UserBaseDN, ldap.ScopeSingleLevel, ldap.NeverDerefAliases, 0, 0, false, searchFilter, []string{"cn", "uid", "mail", "carLicense", "sn", "displayName", "givenName"}, nil) - searchRes, err := ldapConn.Search(searchReq) - if err != nil { - log.Printf(fmt.Sprintf("passwordLost 49 : %v %v", err, ldapConn)) - log.Printf(fmt.Sprintf("passwordLost 50 : %v", searchReq)) - log.Printf(fmt.Sprintf("passwordLost 51: %v", user)) - return err - } - if len(searchRes.Entries) == 0 { - log.Printf("Il n'y a pas d'utilisateur qui correspond %v", searchReq) - return errors.New("Il n'y a pas d'utilisateur qui correspond") - } - // log.Printf(fmt.Sprintf("passwordLost 58 : %v", user)) - // log.Printf(fmt.Sprintf("passwordLost 59 : %v", searchRes.Entries[0])) - // log.Printf(fmt.Sprintf("passwordLost 60 : %v", searchRes.Entries[0].GetAttributeValue("cn"))) - // log.Printf(fmt.Sprintf("passwordLost 61 : %v", searchRes.Entries[0].GetAttributeValue("uid"))) - // log.Printf(fmt.Sprintf("passwordLost 62 : %v", searchRes.Entries[0].GetAttributeValue("mail"))) - // log.Printf(fmt.Sprintf("passwordLost 63 : %v", searchRes.Entries[0].GetAttributeValue("carLicense"))) - // Préparation du courriel à envoyer - user.Password = suggestPassword() - code := b64.URLEncoding.EncodeToString([]byte(user.UID + ";" + user.Password)) - user.DN = "uid=" + searchRes.Entries[0].GetAttributeValue("cn") + ",ou=invitations,dc=resdigita,dc=org" - user.UID = searchRes.Entries[0].GetAttributeValue("cn") - user.CN = searchRes.Entries[0].GetAttributeValue("cn") - user.Mail = searchRes.Entries[0].GetAttributeValue("mail") - user.OtherMailbox = searchRes.Entries[0].GetAttributeValue("carLicense") - /* Check for outstanding invitation */ - searchReq = ldap.NewSearchRequest(config.InvitationBaseDN, ldap.ScopeBaseObject, - ldap.NeverDerefAliases, 0, 0, false, "(uid="+user.UID+")", []string{"seeAlso"}, nil) - searchRes, err = ldapConn.Search(searchReq) - if err != nil { - log.Printf(fmt.Sprintf("passwordLost (Check existing invitation) : %v", err)) - log.Printf(fmt.Sprintf("passwordLost (Check existing invitation) : %v", user)) - return err - } - if len(searchRes.Entries) == 0 { - /* Add the invitation */ - addReq := ldap.NewAddRequest( - user.DN, - nil) - addReq.Attribute("objectClass", []string{"top", "account", "simpleSecurityObject"}) - addReq.Attribute("uid", []string{user.UID}) - addReq.Attribute("userPassword", []string{"absdefghi"}) - addReq.Attribute("seeAlso", []string{config.UserNameAttr + "=" + user.UID + "," + config.UserBaseDN}) - err = ldapConn.Add(addReq) - if err != nil { - log.Printf(fmt.Sprintf("passwordLost 83 : %v", err)) - log.Printf(fmt.Sprintf("passwordLost 84 : %v", user)) - // log.Printf(fmt.Sprintf("passwordLost 85 : %v", searchRes.Entries[0])) - // For some reason I get here even if the entry exists already - return err - } - } - err = passwd(user, config, ldapConn) - if err != nil { - log.Printf(fmt.Sprintf("passwordLost 90 : %v", err)) - log.Printf(fmt.Sprintf("passwordLost 91 : %v", user)) - log.Printf(fmt.Sprintf("passwordLost 92 : %v", searchRes.Entries[0])) - return err - } - templateMail := template.Must(template.ParseFiles(templatePath + "/lost_password_email.txt")) - buf := bytes.NewBuffer([]byte{}) - templateMail.Execute(buf, &CodeMailFields{ - To: user.OtherMailbox, - From: config.MailFrom, - InviteFrom: user.UID, - Code: code, - WebBaseAddress: config.WebAddress, - }) - // message := []byte("Hi " + user.OtherMailbox) - log.Printf("Sending mail to: %s", user.OtherMailbox) - // var auth sasl.Client = nil - // if config.SMTPUsername != "" { - // auth = sasl.NewPlainClient("", config.SMTPUsername, config.SMTPPassword) - // } - message := buf.Bytes() - auth := smtp.PlainAuth("", config.SMTPUsername, config.SMTPPassword, config.SMTPServer) - log.Printf("auth: %v", auth) - err = smtp.SendMail(config.SMTPServer+":587", auth, config.SMTPUsername, []string{user.OtherMailbox}, message) - if err != nil { - log.Printf("email send error %v", err) - return err - } - log.Printf("Mail sent.") - return nil -} - -func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (string, error) { - l, err := openLdap(config) - if err != nil { - log.Printf("passwordFound %v", err) - log.Printf("passwordFound Config : %v", config) - return "", err - } - if user.DN == "" && user.UID != "" { - user.DN = "uid=" + user.UID + ",ou=invitations,dc=resdigita,dc=org" - } - err = l.Bind(user.DN, user.Password) - if err != nil { - log.Printf("passwordFound %v", err) - log.Printf("passwordFound %v", user.DN) - log.Printf("passwordFound %v", user.UID) - return "", err - } - searchReq := ldap.NewSearchRequest(user.DN, ldap.ScopeBaseObject, - ldap.NeverDerefAliases, 0, 0, false, "(uid="+user.UID+")", []string{"seeAlso"}, nil) - var searchRes *ldap.SearchResult - searchRes, err = ldapConn.Search(searchReq) - if err != nil { - log.Printf("passwordFound %v", err) - log.Printf("passwordFound %v", searchReq) - log.Printf("passwordFound %v", ldapConn) - log.Printf("passwordFound %v", searchRes) - return "", err - } - if len(searchRes.Entries) == 0 { - log.Printf("passwordFound %v", err) - log.Printf("passwordFound %v", searchReq) - log.Printf("passwordFound %v", ldapConn) - log.Printf("passwordFound %v", searchRes) - return "", err - } - return searchRes.Entries[0].GetAttributeValue("seeAlso"), err -} +package main + +import ( + b64 "encoding/base64" + "fmt" + "log" + "net/http" + "strings" + + "github.com/gorilla/mux" +) + +func handleFoundPassword(w http.ResponseWriter, r *http.Request) { + templateFoundPasswordPage := getTemplate("passwd.html") + data := PasswdTplData{ + Common: NestedCommonTplData{ + CanAdmin: false, + LoggedIn: false}, + } + code := mux.Vars(r)["code"] + // code = strings.TrimSpace(strings.Join([]string{code}, "")) + newCode, _ := b64.URLEncoding.DecodeString(code) + ldapConn, err := openNewUserLdap(config) + if err != nil { + log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err)) + data.Common.ErrorMessage = err.Error() + } + codeArray := strings.Split(string(newCode), ";") + user := User{ + UID: codeArray[0], + Password: codeArray[1], + DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org", + } + user.SeeAlso, err = passwordFound(user, config, ldapConn) + if err != nil { + log.Printf("handleFoundPassword / passwordFound %v", err) + log.Printf("handleFoundPassword / passwordFound %v", err) + data.Common.ErrorMessage = err.Error() + } + if r.Method == "POST" { + r.ParseForm() + + password := strings.Join(r.Form["password"], "") + password2 := strings.Join(r.Form["password2"], "") + + if len(password) < 8 { + data.TooShortError = true + } else if password2 != password { + data.NoMatchError = true + } else { + err := passwd(User{ + DN: user.SeeAlso, + Password: password, + }, config, ldapConn) + if err != nil { + data.Common.ErrorMessage = err.Error() + } else { + data.Common.Success = true + } + } + } + data.Common.CanAdmin = false + templateFoundPasswordPage.Execute(w, data) +} + +func handlePasswd(w http.ResponseWriter, r *http.Request) { + templatePasswd := getTemplate("passwd.html") + data := &PasswdTplData{ + Common: NestedCommonTplData{ + CanAdmin: false, + LoggedIn: true, + ErrorMessage: "", + Success: false, + }, + } + + login := checkLogin(w, r) + if login == nil { + data.Common.LoggedIn = false + templatePasswd.Execute(w, data) + return + } + data.Login.Status = login + data.Common.CanAdmin = login.Common.CanAdmin + + if r.Method == "POST" { + r.ParseForm() + + password := strings.Join(r.Form["password"], "") + password2 := strings.Join(r.Form["password2"], "") + + if len(password) < 8 { + data.TooShortError = true + } else if password2 != password { + data.NoMatchError = true + } else { + err := passwd(User{ + DN: login.Info.DN, + Password: password, + }, config, login.conn) + if err != nil { + data.Common.ErrorMessage = err.Error() + } else { + data.Common.Success = true + } + } + } + data.Common.CanAdmin = false + templatePasswd.Execute(w, data) +} diff --git a/view-user.go b/view-user.go index 85f5bc4..8291fc6 100644 --- a/view-user.go +++ b/view-user.go @@ -1,16 +1,15 @@ package main import ( - b64 "encoding/base64" - "fmt" - "log" + // b64 "encoding/base64" + // "fmt" + // "log" "net/http" "strings" - - "github.com/gorilla/mux" + // "github.com/gorilla/mux" ) -func handleProfile(w http.ResponseWriter, r *http.Request) { +func handleUser(w http.ResponseWriter, r *http.Request) { templateProfile := getTemplate("user.html") login := checkLogin(w, r) @@ -65,14 +64,14 @@ func handleProfile(w http.ResponseWriter, r *http.Request) { if user.DisplayName != "" { err := modify(user, config, login.conn) if err != nil { - data.Common.ErrorMessage = "handleProfile : " + err.Error() + data.Common.ErrorMessage = "handleUser : " + err.Error() } else { data.Common.Success = true } } findUser, err := get(user, config, login.conn) if err != nil { - data.Common.ErrorMessage = "handleProfile : " + err.Error() + data.Common.ErrorMessage = "handleUser : " + err.Error() } data.DisplayName = findUser.DisplayName data.GivenName = findUser.GivenName @@ -120,101 +119,3 @@ func handleProfile(w http.ResponseWriter, r *http.Request) { templateProfile.Execute(w, data) } - -func handleFoundPassword(w http.ResponseWriter, r *http.Request) { - templateFoundPasswordPage := getTemplate("passwd.html") - data := PasswdTplData{ - Common: NestedCommonTplData{ - CanAdmin: false, - LoggedIn: false}, - } - code := mux.Vars(r)["code"] - // code = strings.TrimSpace(strings.Join([]string{code}, "")) - newCode, _ := b64.URLEncoding.DecodeString(code) - ldapConn, err := openNewUserLdap(config) - if err != nil { - log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err)) - data.Common.ErrorMessage = err.Error() - } - codeArray := strings.Split(string(newCode), ";") - user := User{ - UID: codeArray[0], - Password: codeArray[1], - DN: "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org", - } - user.SeeAlso, err = passwordFound(user, config, ldapConn) - if err != nil { - log.Printf("handleFoundPassword / passwordFound %v", err) - log.Printf("handleFoundPassword / passwordFound %v", err) - data.Common.ErrorMessage = err.Error() - } - if r.Method == "POST" { - r.ParseForm() - - password := strings.Join(r.Form["password"], "") - password2 := strings.Join(r.Form["password2"], "") - - if len(password) < 8 { - data.TooShortError = true - } else if password2 != password { - data.NoMatchError = true - } else { - err := passwd(User{ - DN: user.SeeAlso, - Password: password, - }, config, ldapConn) - if err != nil { - data.Common.ErrorMessage = err.Error() - } else { - data.Common.Success = true - } - } - } - data.Common.CanAdmin = false - templateFoundPasswordPage.Execute(w, data) -} - -func handlePasswd(w http.ResponseWriter, r *http.Request) { - templatePasswd := getTemplate("passwd.html") - data := &PasswdTplData{ - Common: NestedCommonTplData{ - CanAdmin: false, - LoggedIn: true, - ErrorMessage: "", - Success: false, - }, - } - - login := checkLogin(w, r) - if login == nil { - templatePasswd.Execute(w, data) - return - } - data.Login.Status = login - data.Common.CanAdmin = login.Common.CanAdmin - - if r.Method == "POST" { - r.ParseForm() - - password := strings.Join(r.Form["password"], "") - password2 := strings.Join(r.Form["password2"], "") - - if len(password) < 8 { - data.TooShortError = true - } else if password2 != password { - data.NoMatchError = true - } else { - err := passwd(User{ - DN: login.Info.DN, - Password: password, - }, config, login.conn) - if err != nil { - data.Common.ErrorMessage = err.Error() - } else { - data.Common.Success = true - } - } - } - data.Common.CanAdmin = false - templatePasswd.Execute(w, data) -}