Add route for Basic HTTP auth
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
ee30a37c41
commit
0d0438135c
59
login.go
59
login.go
|
|
@ -1,31 +1,38 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"html/template"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"gopkg.in/ldap.v2"
|
||||
)
|
||||
|
||||
func login(login string, password string) ([]*ldap.EntryAttribute, error) {
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
return nil, err
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
return nil, err
|
||||
} else if dn, err := conn.SearchDN(login); err != nil {
|
||||
return nil, err
|
||||
} else if err := conn.Bind(dn, password); err != nil {
|
||||
return nil, err
|
||||
} else if entries, err := conn.GetEntry(dn); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
return entries, nil
|
||||
}
|
||||
}
|
||||
|
||||
func tryLogin(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != "POST" {
|
||||
displayTmpl(w, "login.html", map[string]interface{}{})
|
||||
return
|
||||
}
|
||||
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusUnauthorized, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if entries, err := conn.GetEntry(dn); err != nil {
|
||||
if entries, err := login(r.PostFormValue("login"), r.PostFormValue("password")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else {
|
||||
|
|
@ -42,3 +49,27 @@ func tryLogin(w http.ResponseWriter, r *http.Request) {
|
|||
displayTmpl(w, "message.html", map[string]interface{}{"details": template.HTML(`Login ok<br><br>Here are the information we have about you:` + cnt + "</ul>")})
|
||||
}
|
||||
}
|
||||
|
||||
func httpBasicAuth(w http.ResponseWriter, r *http.Request) {
|
||||
if user, pass, ok := r.BasicAuth(); ok {
|
||||
if entries, err := login(user, pass); err != nil {
|
||||
w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
w.Write([]byte(err.Error()))
|
||||
} else {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
for _, e := range entries {
|
||||
for _, v := range e.Values {
|
||||
if e.Name != "userPassword" {
|
||||
w.Write([]byte(fmt.Sprintf("%s: %s", e.Name, v)))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
} else {
|
||||
w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
w.Write([]byte("Please login"))
|
||||
}
|
||||
}
|
||||
|
|
|
|||
1
main.go
1
main.go
|
|
@ -131,6 +131,7 @@ func main() {
|
|||
|
||||
// Register handlers
|
||||
http.HandleFunc(fmt.Sprintf("%s/", *baseURL), changePassword)
|
||||
http.HandleFunc(fmt.Sprintf("%s/auth", *baseURL), httpBasicAuth)
|
||||
http.HandleFunc(fmt.Sprintf("%s/login", *baseURL), tryLogin)
|
||||
http.HandleFunc(fmt.Sprintf("%s/change", *baseURL), changePassword)
|
||||
http.HandleFunc(fmt.Sprintf("%s/reset", *baseURL), resetPassword)
|
||||
|
|
|
|||
Loading…
Reference in New Issue