diff --git a/login.go b/login.go
index 4ddc935..c094d27 100644
--- a/login.go
+++ b/login.go
@@ -1,31 +1,38 @@
package main
import (
+ "fmt"
"html/template"
"log"
"net/http"
+
+ "gopkg.in/ldap.v2"
)
+func login(login string, password string) ([]*ldap.EntryAttribute, error) {
+ conn, err := myLDAP.Connect()
+ if err != nil || conn == nil {
+ return nil, err
+ } else if err := conn.ServiceBind(); err != nil {
+ return nil, err
+ } else if dn, err := conn.SearchDN(login); err != nil {
+ return nil, err
+ } else if err := conn.Bind(dn, password); err != nil {
+ return nil, err
+ } else if entries, err := conn.GetEntry(dn); err != nil {
+ return nil, err
+ } else {
+ return entries, nil
+ }
+}
+
func tryLogin(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
displayTmpl(w, "login.html", map[string]interface{}{})
return
}
- conn, err := myLDAP.Connect()
- if err != nil || conn == nil {
- log.Println(err)
- displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
- } else if err := conn.ServiceBind(); err != nil {
- log.Println(err)
- displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
- } else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil {
- log.Println(err)
- displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
- } else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {
- log.Println(err)
- displayTmplError(w, http.StatusUnauthorized, "login.html", map[string]interface{}{"error": err.Error()})
- } else if entries, err := conn.GetEntry(dn); err != nil {
+ if entries, err := login(r.PostFormValue("login"), r.PostFormValue("password")); err != nil {
log.Println(err)
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
} else {
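Review bot: In `login`, the first branch returns `nil, err` when `conn == nil` even if `err` is nil, so a `(nil, nil)` result from `myLDAP.Connect()` would reach both callers as a successful login with no entries. Whether Connect can return that pair is not visible here, but the guard suggests it can. Splitting the check closes the gap: `if err != nil { return nil, err }` followed by `if conn == nil { return nil, fmt.Errorf("ldap: no connection") }`. The helper also passes `password` to `conn.Bind` unchecked, and an LDAP simple bind with a DN and an empty password is an unauthenticated bind that some servers accept, so unless the wrapper already rejects it, add an early `if password == "" { return nil, fmt.Errorf("empty password") }`. Separately, `tryLogin` now answers every failure, including a wrong password, with `http.StatusInternalServerError`, where the removed code used `http.StatusUnauthorized` for the bind step.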
@@ -42,3 +49,27 @@ func tryLogin(w http.ResponseWriter, r *http.Request) {
displayTmpl(w, "message.html", map[string]interface{}{"details": template.HTML(`Login ok
Here are the information we have about you:` + cnt + "")})
}
}
+
+func httpBasicAuth(w http.ResponseWriter, r *http.Request) {
+ if user, pass, ok := r.BasicAuth(); ok {
+ if entries, err := login(user, pass); err != nil {
+ w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
+ w.WriteHeader(http.StatusUnauthorized)
+ w.Write([]byte(err.Error()))
+ } else {
+ w.WriteHeader(http.StatusOK)
+ for _, e := range entries {
+ for _, v := range e.Values {
+ if e.Name != "userPassword" {
+ w.Write([]byte(fmt.Sprintf("%s: %s", e.Name, v)))
+ }
+ }
+ }
+
+ }
+ } else {
+ w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
+ w.WriteHeader(http.StatusUnauthorized)
+ w.Write([]byte("Please login"))
+ }
+}
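Review bot: The failure branch of `httpBasicAuth` writes `err.Error()` to an unauthenticated client, which lets a caller tell a failed `SearchDN` (unknown login) from a failed `Bind` (wrong password) and exposes directory or connection error text. Log the error server-side and return a fixed body instead: set the `WWW-Authenticate` header, then `log.Println(err)` and `http.Error(w, "authentication failed", http.StatusUnauthorized)`. On the success path no `Content-Type` is set before LDAP attribute values are written, so the response type is left to content sniffing; `w.Header().Set("Content-Type", "text/plain; charset=utf-8")` before `WriteHeader` pins it. Using `fmt.Fprintf(w, "%s: %s\n", e.Name, v)` would also add the line break the current format string lacks. The handler performs a directory bind on every request with no throttling visible in this diff, so it may need rate limiting or lockout in front of it.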
diff --git a/main.go b/main.go
index 766af5c..7d084bd 100644
--- a/main.go
+++ b/main.go
@@ -131,6 +131,7 @@ func main() {
// Register handlers
http.HandleFunc(fmt.Sprintf("%s/", *baseURL), changePassword)
+ http.HandleFunc(fmt.Sprintf("%s/auth", *baseURL), httpBasicAuth)
http.HandleFunc(fmt.Sprintf("%s/login", *baseURL), tryLogin)
http.HandleFunc(fmt.Sprintf("%s/change", *baseURL), changePassword)
http.HandleFunc(fmt.Sprintf("%s/reset", *baseURL), resetPassword)