Diffstat (limited to 'login.go')
-rw-r--r--login.go45
1 files changed, 23 insertions, 22 deletions
diff --git a/login.go b/login.go
index 87b7a67..277e3ae 100644
--- a/login.go
+++ b/login.go
@@ -13,12 +13,12 @@ import (
var (
ErrNotAuthenticatedSession = fmt.Errorf("User has no session")
- ErrNotAuthenticatedBasic = fmt.Errorf("User has not sent Authentication Basic information")
- ErrNotAuthenticated = fmt.Errorf("User is not authenticated")
- ErrWrongLDAPCredentials = fmt.Errorf("LDAP credentials are wrong")
- ErrLDAPServerUnreachable = fmt.Errorf("Unable to open the LDAP server")
+ ErrNotAuthenticatedBasic = fmt.Errorf("User has not sent Authentication Basic information")
+ ErrNotAuthenticated = fmt.Errorf("User is not authenticated")
+ ErrWrongLDAPCredentials = fmt.Errorf("LDAP credentials are wrong")
+ ErrLDAPServerUnreachable = fmt.Errorf("Unable to open the LDAP server")
ErrLDAPSearchInternalError = fmt.Errorf("LDAP Search of this user failed with an internal error")
- ErrLDAPSearchNotFound = fmt.Errorf("User is authenticated but its associated data can not be found during search")
+ ErrLDAPSearchNotFound = fmt.Errorf("User is authenticated but its associated data can not be found during search")
)
// --- Login Info ---
@@ -48,10 +48,10 @@ func NewLoginInfoFromSession(r *http.Request) (*LoginInfo, error) {
func NewLoginInfoFromBasicAuth(r *http.Request) (*LoginInfo, error) {
username, password, ok := r.BasicAuth()
if ok {
- login_info := &LoginInfo{
- Username: username,
- Password: password,
- }
+ login_info := &LoginInfo{
+ Username: username,
+ Password: password,
+ }
return login_info, nil
}
@@ -69,8 +69,8 @@ func (li *LoginInfo) DN() string {
// --- Login Status ---
type LoginStatus struct {
- Info *LoginInfo
- conn *ldap.Conn
+ Info *LoginInfo
+ conn *ldap.Conn
}
func NewLoginStatus(r *http.Request, login_info *LoginInfo) (*LoginStatus, error) {
@@ -109,12 +109,13 @@ func NewLdapCon() (*ldap.Conn, error) {
// --- Capabilities ---
type Capabilities struct {
- CanAdmin bool
+ CanAdmin bool
CanInvite bool
}
+
func NewCapabilities(login *LoginStatus, entry *ldap.Entry) *Capabilities {
// Initialize
- canAdmin := false
+ canAdmin := false
canInvite := false
// Special case for the "admin" account that is de-facto admin
@@ -135,19 +136,20 @@ func NewCapabilities(login *LoginStatus, entry *ldap.Entry) *Capabilities {
}
return &Capabilities{
- CanAdmin: canAdmin,
+ CanAdmin: canAdmin,
CanInvite: canInvite,
}
}
// --- Logged User ---
type LoggedUser struct {
- Login *LoginStatus
+ Login *LoginStatus
Entry *ldap.Entry
Capabilities *Capabilities
- Quota *UserQuota
- s3key *garage.KeyInfo
+ Quota *UserQuota
+ s3key *garage.KeyInfo
}
+
func NewLoggedUser(login *LoginStatus) (*LoggedUser, error) {
requestKind := "(objectClass=organizationalPerson)"
if strings.EqualFold(login.Info.DN(), config.AdminAccount) {
@@ -184,11 +186,11 @@ func NewLoggedUser(login *LoginStatus) (*LoggedUser, error) {
}
entry := sr.Entries[0]
- lu := &LoggedUser {
- Login: login,
- Entry: entry,
+ lu := &LoggedUser{
+ Login: login,
+ Entry: entry,
Capabilities: NewCapabilities(login, entry),
- Quota: NewUserQuotaFromEntry(entry),
+ Quota: NewUserQuotaFromEntry(entry),
}
return lu, nil
}
@@ -251,7 +253,6 @@ func RequireUser(r *http.Request) (*LoggedUser, error) {
return nil, ErrNotAuthenticated
}
-
loginStatus, err := NewLoginStatus(r, login_info)
if err != nil {
return nil, err