/* login Handles login and current-user verification */ package views import ( "fmt" "log" "net/http" "strings" "github.com/go-ldap/ldap/v3" ) func HandleLogout(w http.ResponseWriter, r *http.Request) { err := logout(w, r) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } http.Redirect(w, r, "/", http.StatusFound) } func HandleLogin(w http.ResponseWriter, r *http.Request) (*LoginInfo, error) { templateLogin := getTemplate("login.html") if r.Method == "POST" { // log.Printf("%v", "Parsing Form HandleLogin") r.ParseForm() username := strings.Join(r.Form["username"], "") password := strings.Join(r.Form["password"], "") l, _ := ldapOpen(w) user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, username, config.UserBaseDN) // log.Printf("%v", user_dn) // log.Printf("%v", username) if strings.EqualFold(username, config.AdminAccount) { user_dn = username } err := l.Bind(user_dn, password) if err != nil { log.Printf("DoLogin : %v", err) log.Printf("DoLogin : %v", user_dn) return nil, err } // func encodePassword(inPassword string) (string, error) { // utf16 := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM) // return utf16.NewEncoder().String("\"" + inPassword + "\"") // // if err != nil { // // log.Printf("Error encoding password: %s", err) // // return err // // } // } // log.Printf("%v", LoginInfo) if err != nil { data := &LoginFormData{ Username: username, Common: NestedCommonTplData{ CanAdmin: false, CanInvite: true, LoggedIn: false, }, } if ldap.IsErrorWithCode(err, ldap.LDAPResultInvalidCredentials) { data.WrongPass = true } else if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) { data.WrongUser = true } else { log.Printf("%v", err) log.Printf("%v", user_dn) log.Printf("%v", username) data.Common.ErrorMessage = err.Error() } } // Successfully logged in, save it to session session, err := GuichetSessionStore.Get(r, SESSION_NAME) if err != nil { session, _ = GuichetSessionStore.New(r, SESSION_NAME) } session.Values["login_username"] = username session.Values["login_password"] = password session.Values["login_dn"] = user_dn err = session.Save(r, w) if err != nil { log.Printf("DoLogin Session Save: %v", err) http.Error(w, err.Error(), http.StatusInternalServerError) return nil, err } // // templateLogin.Execute(w, data) // execTemplate(w, templateLogin, data.Common, NestedLoginTplData{}, *config, data) http.Redirect(w, r, "/", http.StatusTemporaryRedirect) } else if r.Method == "GET" { execTemplate(w, templateLogin, NestedCommonTplData{ CanAdmin: false, CanInvite: true, LoggedIn: false}, NestedLoginTplData{}, LoginFormData{ Common: NestedCommonTplData{ CanAdmin: false, CanInvite: true, LoggedIn: false}}) // templateLogin.Execute(w, LoginFormData{ // Common: NestedCommonTplData{ // CanAdmin: false, // CanInvite: true, // LoggedIn: false}}) return nil, nil } else { http.Error(w, "Unsupported method", http.StatusBadRequest) return nil, nil } // execTemplate(w, templateLogin, data.Common, NestedLoginTplData{}, *config, data) return nil, nil } // func NotDoLogin(w http.ResponseWriter, r *http.Request, username string, user_dn string, password string) (*LoginInfo, error) { // }