feat: add bearer-authenticated password change API
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Add POST /api/v1/password endpoint accepting a JSON body (username, old_password, new_password) protected by a shared Bearer token (CHANGE_API_SECRET / -change-api-secret). It verifies the current password via an LDAP bind before applying the change, matching the alps "password" plugin bearer flow. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
parent
dda090938e
commit
37edbbb9b6
3 changed files with 262 additions and 0 deletions
1
main.go
1
main.go
|
|
@ -241,6 +241,7 @@ func main() {
|
|||
http.HandleFunc(fmt.Sprintf("GET %s/style.css", baseURL), serveStyleCSS)
|
||||
http.HandleFunc(fmt.Sprintf("GET %s/altcha-challenge", baseURL), serveAltchaChallenge)
|
||||
http.HandleFunc(fmt.Sprintf("%s/{$}", baseURL), changePassword)
|
||||
http.HandleFunc(fmt.Sprintf("POST %s/api/v1/password", baseURL), changePasswordAPI)
|
||||
http.HandleFunc(fmt.Sprintf("POST %s/api/v1/aliases", baseURL), addyAliasAPI)
|
||||
http.HandleFunc(fmt.Sprintf("DELETE %s/api/v1/aliases/{alias}", baseURL), addyAliasAPIDelete)
|
||||
http.HandleFunc(fmt.Sprintf("%s/auth", baseURL), httpBasicAuth)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue