-rw-r--r--main.go126
-rw-r--r--profile.go107
2 files changed, 125 insertions, 108 deletions
diff --git a/main.go b/main.go
index d7d8ba5..9717167 100644
--- a/main.go
+++ b/main.go
@@ -23,7 +23,12 @@ type ConfigFile struct {
SessionKey string `json:"session_key"`
LdapServerAddr string `json:"ldap_server_addr"`
LdapTLS bool `json:"ldap_tls"`
- UserFormat string `json:"user_format"`
+
+ UserBaseDN string `json:"user_base_dn"`
+ UserNameAttr string `json:"user_name_attr"`
+ GroupBaseDN string `json:"group_base_dn"`
+ GroupNameAttr string `json:"group_name_attr"`
+
GroupCanInvite string `json:"group_can_invite"`
GroupCanAdmin string `json:"group_can_admin"`
}
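Review bot: The four new fields in ConfigFile carry no comment saying how they are combined, and the later handleLogin hunk joins two of them directly into the bind DN. I would document that on the struct, e.g. `// UserNameAttr and UserBaseDN form the bind DN as "<UserNameAttr>=<username>,<UserBaseDN>"`, with a matching line for the group pair once its use is visible. Since `user_format` is dropped, an existing config file that still sets it is presumably ignored without any message by the JSON decoder. A short note in the struct comment or the README about the migration would help operators. The struct's opening lines are outside this hunk.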
@@ -48,7 +53,12 @@ func readConfig() ConfigFile {
SessionKey: base64.StdEncoding.EncodeToString(key_bytes),
LdapServerAddr: "ldap://127.0.0.1:389",
LdapTLS: false,
- UserFormat: "cn=%s,ou=users,dc=example,dc=com",
+ UserBaseDN: "ou=users,dc=example,dc=com",
+ UserNameAttr: "uid",
+ GroupBaseDN: "ou=groups,dc=example,dc=com",
+ GroupNameAttr: "gid",
+ GroupCanInvite: "",
+ GroupCanAdmin: "gid=admin,ou=groups,dc=example,dc=com",
}
_, err = os.Stat(*configFlag)
@@ -213,13 +223,6 @@ func ldapOpen(w http.ResponseWriter) *ldap.Conn {
return l
}
-// Templates ----
-
-type LoginFormData struct {
- Username string
- ErrorMessage string
-}
-
// Page handlers ----
type HomePageData struct {
@@ -274,6 +277,11 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusFound)
}
+type LoginFormData struct {
+ Username string
+ ErrorMessage string
+}
+
func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
templateLogin := template.Must(template.ParseFiles("templates/layout.html", "templates/login.html"))
@@ -285,7 +293,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
username := strings.Join(r.Form["username"], "")
password := strings.Join(r.Form["password"], "")
- user_dn := strings.ReplaceAll(config.UserFormat, "%s", username)
+ user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, username, config.UserBaseDN)
l := ldapOpen(w)
if l == nil {
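Review bot: The `username` form value is placed into `user_dn` without RFC 4514 escaping, so characters such as `,`, `+` or `=` in the submitted name change the structure of the bind DN instead of staying inside the single RDN value. The old `ReplaceAll` line had the same gap, so this commit carries it forward rather than introducing it. Escape the value before formatting, e.g. `user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, ldap.EscapeDN(username), config.UserBaseDN)` if the go-ldap version in use provides `EscapeDN`. Otherwise reject names containing DN special characters before the bind. handleLogin starts and ends outside this hunk, so the bind call and any empty-password handling are not visible here.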
@@ -328,101 +336,3 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
return nil
}
}
-
-type ProfileTplData struct {
- Status *LoginStatus
- ErrorMessage string
- Success bool
- Mail string
- DisplayName string
- GivenName string
- Surname string
-}
-
-func handleProfile(w http.ResponseWriter, r *http.Request) {
- templateProfile := template.Must(template.ParseFiles("templates/layout.html", "templates/profile.html"))
-
- login := checkLogin(w, r)
- if login == nil {
- return
- }
-
- data := &ProfileTplData{
- Status: login,
- ErrorMessage: "",
- Success: false,
- }
-
- if r.Method == "POST" {
- r.ParseForm()
-
- data.Mail = strings.Join(r.Form["mail"], "")
- data.DisplayName = strings.Join(r.Form["display_name"], "")
- data.GivenName = strings.Join(r.Form["given_name"], "")
- data.Surname = strings.Join(r.Form["surname"], "")
-
- modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
- modify_request.Replace("mail", []string{data.Mail})
- modify_request.Replace("displayname", []string{data.DisplayName})
- modify_request.Replace("givenname", []string{data.GivenName})
- modify_request.Replace("sn", []string{data.Surname})
-
- err := login.conn.Modify(modify_request)
- if err != nil {
- data.ErrorMessage = err.Error()
- } else {
- data.Success = true
- }
- } else {
- data.Mail = login.UserEntry.GetAttributeValue("mail")
- data.DisplayName = login.UserEntry.GetAttributeValue("displayname")
- data.GivenName = login.UserEntry.GetAttributeValue("givenname")
- data.Surname = login.UserEntry.GetAttributeValue("sn")
- }
-
- templateProfile.Execute(w, data)
-}
-
-type PasswdTplData struct {
- Status *LoginStatus
- ErrorMessage string
- NoMatchError bool
- Success bool
-}
-
-func handlePasswd(w http.ResponseWriter, r *http.Request) {
- templatePasswd := template.Must(template.ParseFiles("templates/layout.html", "templates/passwd.html"))
-
- login := checkLogin(w, r)
- if login == nil {
- return
- }
-
- data := &PasswdTplData{
- Status: login,
- ErrorMessage: "",
- Success: false,
- }
-
- if r.Method == "POST" {
- r.ParseForm()
-
- password := strings.Join(r.Form["password"], "")
- password2 := strings.Join(r.Form["password2"], "")
-
- if password2 != password {
- data.NoMatchError = true
- } else {
- modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
- modify_request.Replace("userpassword", []string{SSHAEncode([]byte(password))})
- err := login.conn.Modify(modify_request)
- if err != nil {
- data.ErrorMessage = err.Error()
- } else {
- data.Success = true
- }
- }
- }
-
- templatePasswd.Execute(w, data)
-}
diff --git a/profile.go b/profile.go
new file mode 100644
index 0000000..00e93dd
--- /dev/null
+++ b/profile.go
@@ -0,0 +1,107 @@
+package main
+
+import (
+ "html/template"
+ "net/http"
+ "strings"
+
+ "github.com/go-ldap/ldap/v3"
+)
+
+type ProfileTplData struct {
+ Status *LoginStatus
+ ErrorMessage string
+ Success bool
+ Mail string
+ DisplayName string
+ GivenName string
+ Surname string
+}
+
+func handleProfile(w http.ResponseWriter, r *http.Request) {
+ templateProfile := template.Must(template.ParseFiles("templates/layout.html", "templates/profile.html"))
+
+ login := checkLogin(w, r)
+ if login == nil {
+ return
+ }
+
+ data := &ProfileTplData{
+ Status: login,
+ ErrorMessage: "",
+ Success: false,
+ }
+
+ if r.Method == "POST" {
+ r.ParseForm()
+
+ data.Mail = strings.Join(r.Form["mail"], "")
+ data.DisplayName = strings.Join(r.Form["display_name"], "")
+ data.GivenName = strings.Join(r.Form["given_name"], "")
+ data.Surname = strings.Join(r.Form["surname"], "")
+
+ modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
+ modify_request.Replace("mail", []string{data.Mail})
+ modify_request.Replace("displayname", []string{data.DisplayName})
+ modify_request.Replace("givenname", []string{data.GivenName})
+ modify_request.Replace("sn", []string{data.Surname})
+
+ err := login.conn.Modify(modify_request)
+ if err != nil {
+ data.ErrorMessage = err.Error()
+ } else {
+ data.Success = true
+ }
+ } else {
+ data.Mail = login.UserEntry.GetAttributeValue("mail")
+ data.DisplayName = login.UserEntry.GetAttributeValue("displayname")
+ data.GivenName = login.UserEntry.GetAttributeValue("givenname")
+ data.Surname = login.UserEntry.GetAttributeValue("sn")
+ }
+
+ templateProfile.Execute(w, data)
+}
+
+type PasswdTplData struct {
+ Status *LoginStatus
+ ErrorMessage string
+ NoMatchError bool
+ Success bool
+}
+
+func handlePasswd(w http.ResponseWriter, r *http.Request) {
+ templatePasswd := template.Must(template.ParseFiles("templates/layout.html", "templates/passwd.html"))
+
+ login := checkLogin(w, r)
+ if login == nil {
+ return
+ }
+
+ data := &PasswdTplData{
+ Status: login,
+ ErrorMessage: "",
+ Success: false,
+ }
+
+ if r.Method == "POST" {
+ r.ParseForm()
+
+ password := strings.Join(r.Form["password"], "")
+ password2 := strings.Join(r.Form["password2"], "")
+
+ if password2 != password {
+ data.NoMatchError = true
+ } else {
+ modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
+ modify_request.Replace("userpassword", []string{SSHAEncode([]byte(password))})
+ err := login.conn.Modify(modify_request)
+ if err != nil {
+ data.ErrorMessage = err.Error()
+ } else {
+ data.Success = true
+ }
+ }
+ }
+
+ templatePasswd.Execute(w, data)
+}
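Review bot: handlePasswd replaces `userpassword` as soon as the two form fields match, so an empty `password` with an empty `password2` passes the check and stores the hash of an empty string. The handler also never asks for the current password, so a valid session alone is enough to change it. At minimum I would guard the branch with `if password == "" { data.ErrorMessage = "password must not be empty" } else if password2 != password {`, and consider requiring the old password and letting the directory verify it, for instance through go-ldap's `NewPasswordModifyRequest`. Both handlers also discard the error from `r.ParseForm()` and show `err.Error()` from the LDAP server to the user. Checking the first and logging the second server-side would be safer. SSHAEncode and checkLogin are defined outside this file, so the hashing scheme and any CSRF protection cannot be judged from this diff.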