nemunaire/chldapasswd
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Allow login of simpleSecurityObjects
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
nemunaire 2021-09-15 12:13:09 +02:00
parent 5643713c54
commit e5046b108b
5 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
change.go
View File

@ -35,7 +35,7 @@ func changePassword(w http.ResponseWriter, r *http.Request) {
} else if err := conn.ServiceBind(); err != nil { } else if err := conn.ServiceBind(); err != nil {
log.Println(err) log.Println(err)
displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()}) displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
} else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil { } else if dn, err := conn.SearchDN(r.PostFormValue("login"), true); err != nil {
log.Println(err) log.Println(err)
displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()}) displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
} else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil { } else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {

9
ldap.go
View File

@ -65,11 +65,16 @@ func (l LDAPConn) Bind(username string, password string) error {
return l.connection.Bind(username, password) return l.connection.Bind(username, password)
} }
func (l LDAPConn) SearchDN(username string) (string, error) { func (l LDAPConn) SearchDN(username string, person bool) (string, error) {
objectClass := "organizationalPerson"
if !person {
objectClass = "simpleSecurityObject"
}
searchRequest := ldap.NewSearchRequest( searchRequest := ldap.NewSearchRequest(
l.BaseDN, l.BaseDN,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
fmt.Sprintf("(&(objectClass=organizationalPerson)(uid=%s))", username), fmt.Sprintf("(&(objectClass=%s)(uid=%s))", objectClass, username),
[]string{"dn"}, []string{"dn"},
nil, nil,
) )

21
login.go
View File

@ -14,13 +14,26 @@ func login(login string, password string) ([]*ldap.EntryAttribute, error) {
conn, err := myLDAP.Connect() conn, err := myLDAP.Connect()
if err != nil || conn == nil { if err != nil || conn == nil {
return nil, err return nil, err
} else if err := conn.ServiceBind(); err != nil { }
if err = conn.ServiceBind(); err != nil {
return nil, err return nil, err
} else if dn, err := conn.SearchDN(login); err != nil { }
var dn string
dn, err = conn.SearchDN(login, true)
if err != nil {
dn, err = conn.SearchDN(login, false)
if err != nil {
return nil, err return nil, err
} else if err := conn.Bind(dn, password); err != nil { }
}
if err := conn.Bind(dn, password); err != nil {
return nil, err return nil, err
} else if entries, err := conn.GetEntry(dn); err != nil { }
if entries, err := conn.GetEntry(dn); err != nil {
return nil, err return nil, err
} else { } else {
return entries, nil return entries, nil

2
lost.go
View File

@ -74,7 +74,7 @@ func lostPassword(w http.ResponseWriter, r *http.Request) {
} }
// Search the dn of the given user // Search the dn of the given user
dn, err := conn.SearchDN(r.PostFormValue("login")) dn, err := conn.SearchDN(r.PostFormValue("login"), true)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
displayTmplError(w, http.StatusInternalServerError, "lost.html", map[string]interface{}{"error": err.Error()}) displayTmplError(w, http.StatusInternalServerError, "lost.html", map[string]interface{}{"error": err.Error()})

2
reset.go
View File

@ -51,7 +51,7 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
} }
// Search the dn of the given user // Search the dn of the given user
dn, err := conn.SearchDN(r.PostFormValue("login")) dn, err := conn.SearchDN(r.PostFormValue("login"), true)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
base["error"] = err.Error() base["error"] = err.Error()