This commit is contained in:
parent
6fb7986a7a
commit
4c46386fff
11
auth.go
11
auth.go
@ -32,16 +32,21 @@ func logout(w http.ResponseWriter, ps httprouter.Params, body []byte) HTTPRespon
|
|||||||
return APIResponse{true}
|
return APIResponse{true}
|
||||||
}
|
}
|
||||||
|
|
||||||
func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, session *Session) (err error) {
|
func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, groups string, session *Session) (err error) {
|
||||||
var usr User
|
var usr User
|
||||||
if !userExists(username) {
|
if !userExists(username) {
|
||||||
if usr, err = NewUser(username, email, firstname, lastname); err != nil {
|
if usr, err = NewUser(username, email, firstname, lastname, groups); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
} else if usr, err = getUserByLogin(username); err != nil {
|
} else if usr, err = getUserByLogin(username); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if usr.Groups != groups {
|
||||||
|
usr.Groups = groups
|
||||||
|
usr.Update()
|
||||||
|
}
|
||||||
|
|
||||||
if session == nil {
|
if session == nil {
|
||||||
var s Session
|
var s Session
|
||||||
s, err = usr.NewSession()
|
s, err = usr.NewSession()
|
||||||
@ -73,5 +78,5 @@ func dummyAuth(w http.ResponseWriter, _ httprouter.Params, body []byte) (interfa
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], nil)
|
return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], "", nil)
|
||||||
}
|
}
|
||||||
|
|||||||
12
auth_oidc.go
12
auth_oidc.go
@ -102,17 +102,21 @@ func OIDC_CRI_complete(w http.ResponseWriter, r *http.Request, ps httprouter.Par
|
|||||||
Nickname string `json:"nickname"`
|
Nickname string `json:"nickname"`
|
||||||
Username string `json:"preferred_username"`
|
Username string `json:"preferred_username"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
Groups []interface{} `json:"groups"`
|
Groups []map[string]interface{} `json:"groups"`
|
||||||
}
|
}
|
||||||
if err := idToken.Claims(&claims); err != nil {
|
if err := idToken.Claims(&claims); err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try to debug Groups
|
groups := ","
|
||||||
log.Println(claims.Groups)
|
for _, g := range claims.Groups {
|
||||||
|
if slug, ok := g["slug"]; ok {
|
||||||
|
groups += slug.(string) + ","
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, &session); err != nil {
|
if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, groups, &session); err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|||||||
1
db.go
1
db.go
@ -61,6 +61,7 @@ CREATE TABLE IF NOT EXISTS users(
|
|||||||
lastname VARCHAR(255) NOT NULL,
|
lastname VARCHAR(255) NOT NULL,
|
||||||
time TIMESTAMP NOT NULL,
|
time TIMESTAMP NOT NULL,
|
||||||
promo MEDIUMINT NOT NULL,
|
promo MEDIUMINT NOT NULL,
|
||||||
|
groups VARCHAR(255) NOT NULL,
|
||||||
is_admin BOOLEAN NOT NULL DEFAULT FALSE
|
is_admin BOOLEAN NOT NULL DEFAULT FALSE
|
||||||
) DEFAULT CHARACTER SET = utf8 COLLATE = utf8_bin;
|
) DEFAULT CHARACTER SET = utf8 COLLATE = utf8_bin;
|
||||||
`); err != nil {
|
`); err != nil {
|
||||||
|
|||||||
@ -27,6 +27,15 @@
|
|||||||
<dt class="col-2">Date d'inscription</dt>
|
<dt class="col-2">Date d'inscription</dt>
|
||||||
<dd class="col-10">{{ user.time }}</dd>
|
<dd class="col-10">{{ user.time }}</dd>
|
||||||
|
|
||||||
|
<dt class="col-2">Groupes</dt>
|
||||||
|
<dd class="col-10">
|
||||||
|
<ul ng-if="user.groups">
|
||||||
|
<li ng-repeat="(gid,g) in user.groups.split(',').slice(1)">
|
||||||
|
<a href="https://cri.epita.fr/group/{{ g }}/">{{ g }}</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</dd>
|
||||||
|
|
||||||
<dt class="col-2">Admin</dt>
|
<dt class="col-2">Admin</dt>
|
||||||
<dd class="col-10">{{ user.id_admin?"Oui":"Non" }}</dd>
|
<dd class="col-10">{{ user.id_admin?"Oui":"Non" }}</dd>
|
||||||
</dl>
|
</dl>
|
||||||
|
|||||||
18
users.go
18
users.go
@ -50,18 +50,19 @@ type User struct {
|
|||||||
Lastname string `json:"lastname"`
|
Lastname string `json:"lastname"`
|
||||||
Time time.Time `json:"time"`
|
Time time.Time `json:"time"`
|
||||||
Promo uint `json:"promo"`
|
Promo uint `json:"promo"`
|
||||||
|
Groups string `json:"groups"`
|
||||||
IsAdmin bool `json:"is_admin"`
|
IsAdmin bool `json:"is_admin"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func getUsers() (users []User, err error) {
|
func getUsers() (users []User, err error) {
|
||||||
if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users"); errr != nil {
|
if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users"); errr != nil {
|
||||||
return nil, errr
|
return nil, errr
|
||||||
} else {
|
} else {
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
|
|
||||||
for rows.Next() {
|
for rows.Next() {
|
||||||
var u User
|
var u User
|
||||||
if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin); err != nil {
|
if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin); err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
users = append(users, u)
|
users = append(users, u)
|
||||||
@ -75,12 +76,12 @@ func getUsers() (users []User, err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func getUser(id int) (u User, err error) {
|
func getUser(id int) (u User, err error) {
|
||||||
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
|
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func getUserByLogin(login string) (u User, err error) {
|
func getUserByLogin(login string) (u User, err error) {
|
||||||
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
|
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -90,19 +91,19 @@ func userExists(login string) bool {
|
|||||||
return err == nil && z == 1
|
return err == nil && z == 1
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewUser(login string, email string, firstname string, lastname string) (User, error) {
|
func NewUser(login string, email string, firstname string, lastname string, groups string) (User, error) {
|
||||||
t := time.Now()
|
t := time.Now()
|
||||||
if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo) VALUES (?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo); err != nil {
|
if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo, groups) VALUES (?, ?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo, groups); err != nil {
|
||||||
return User{}, err
|
return User{}, err
|
||||||
} else if sid, err := res.LastInsertId(); err != nil {
|
} else if sid, err := res.LastInsertId(); err != nil {
|
||||||
return User{}, err
|
return User{}, err
|
||||||
} else {
|
} else {
|
||||||
return User{sid, login, email, firstname, lastname, t, currentPromo, false}, nil
|
return User{sid, login, email, firstname, lastname, t, currentPromo, groups, false}, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (u User) Update() (int64, error) {
|
func (u User) Update() (int64, error) {
|
||||||
if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Id); err != nil {
|
if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ?, groups = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Groups, u.Id); err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
} else if nb, err := res.RowsAffected(); err != nil {
|
} else if nb, err := res.RowsAffected(); err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
@ -152,5 +153,6 @@ func updateUser(current User, body []byte) HTTPResponse {
|
|||||||
current.Lastname = new.Lastname
|
current.Lastname = new.Lastname
|
||||||
current.Time = new.Time
|
current.Time = new.Time
|
||||||
current.Promo = new.Promo
|
current.Promo = new.Promo
|
||||||
|
current.Groups = new.Groups
|
||||||
return formatApiResponse(current.Update())
|
return formatApiResponse(current.Update())
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user