Commit 0acf95b9 authored by Leonard Techel's avatar Leonard Techel

Authprovider: Let every method return the current user object

+ Refactor the LDAP provider
+ Add GetUser method that returns the user object for an arbitrary
  username if there is one
parent c2981920
......@@ -10,6 +10,7 @@ type User struct {
type AuthProvider interface {
Authenticate(username string, password string) (user User, err error)
Register(username string, password string) (user User, err error)
SetPassword(username string, password string) (err error)
UpdateUser(username string, data User) (err error)
SetPassword(username string, password string) (user User, err error)
UpdateUser(username string, data User) (user User, err error)
GetUser(username string) (user User, err error)
}
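Review bot: The AuthProvider methods carry no doc comments, and after this change the signatures alone no longer tell a caller which returned User is backed by a credential check: judging by the LDAP implementation in this commit, only Authenticate verifies a password, while GetUser is a plain lookup. I would document that on the interface, for example `// GetUser looks up username without verifying any credential; the result must not be treated as proof of identity.` and, once for all methods, `// On a non-nil err the returned User must be ignored.` It is also worth stating what GetUser returns for an unknown username; the LDAP helper appears to return an error, but that branch is only partly visible. The interface declaration begins inside this hunk, but the User struct above it starts outside.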
......@@ -37,7 +37,20 @@ func (lp *LdapProvider) bindRoot(conn *ldap.Conn) (err error) {
return
}
func (lp *LdapProvider) getUserByUID(conn *ldap.Conn, uid string) (entry *ldap.Entry, err error) {
func (lp *LdapProvider) getUserByUID(uid string) (conn *ldap.Conn, entry *ldap.Entry, user User, err error) {
// 1. Connect to LDAP
conn, err = lp.connect()
if err != nil {
return
}
// 2. Bind as root
err = lp.bindRoot(conn)
if err != nil {
return
}
// 3. Get requested DN
q := ldap.NewSearchRequest(
lp.cfg.Base,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
......@@ -56,45 +69,32 @@ func (lp *LdapProvider) getUserByUID(conn *ldap.Conn, uid string) (entry *ldap.E
return
}
// 4. Build user object
entry = result.Entries[0]
user = User{
Id: entry.GetAttributeValue("uid"),
Name: entry.GetAttributeValue("displayName"),
Mail: entry.GetAttributeValue("mail"),
Lang: regexp.MustCompile("[a-zA-Z_-]+").FindString(entry.GetAttributeValue("preferredLanguage")),
}
return
}
func (lp *LdapProvider) Authenticate(username string, password string) (user User, err error) {
conn, err := lp.connect()
conn, entry, user, err := lp.getUserByUID(username)
if err != nil {
return
}
defer conn.Close()
// 1. Bind as root
err = lp.bindRoot(conn)
if err != nil {
return
}
// 2. Get DN
entry, err := lp.getUserByUID(conn, username)
if err != nil {
return
}
// 3. Try to bind as the user
// Try to bind as the user
err = conn.Bind(entry.DN, password)
if err != nil {
return
}
// 4. Create User data
lang := regexp.MustCompile("[a-zA-Z]+").FindString(entry.GetAttributeValue("preferredLanguage"))
user = User{
Id: username,
Name: entry.GetAttributeValue("displayName"),
Mail: entry.GetAttributeValue("mail"),
Lang: lang,
}
return
}
......@@ -102,26 +102,14 @@ func (lp *LdapProvider) Register(username string, password string) (user User, e
return
}
func (lp *LdapProvider) SetPassword(username string, password string) (err error) {
conn, err := lp.connect()
func (lp *LdapProvider) SetPassword(username string, password string) (user User, err error) {
conn, entry, user, err := lp.getUserByUID(username)
if err != nil {
return
}
defer conn.Close()
// 1. Bind as root
err = lp.bindRoot(conn)
if err != nil {
return
}
// 2. Get DN
entry, err := lp.getUserByUID(conn, username)
if err != nil {
return
}
// 3. Set new password
// Set new password
passwordModifyRequest := ldap.NewPasswordModifyRequest(entry.DN, "", password)
_, err = conn.PasswordModify(passwordModifyRequest)
if err != nil {
......@@ -131,26 +119,14 @@ func (lp *LdapProvider) SetPassword(username string, password string) (err error
return
}
func (lp *LdapProvider) UpdateUser(username string, data User) (err error) {
conn, err := lp.connect()
func (lp *LdapProvider) UpdateUser(username string, data User) (user User, err error) {
conn, entry, user, err := lp.getUserByUID(username)
if err != nil {
return
}
defer conn.Close()
// 1. Bind as root
err = lp.bindRoot(conn)
if err != nil {
return
}
// 2. Get DN
entry, err := lp.getUserByUID(conn, username)
if err != nil {
return
}
// 3. Set new data
// Set new data
modify := ldap.NewModifyRequest(entry.DN)
modify.Replace("displayName", []string{data.Name})
modify.Replace("mail", []string{data.Mail})
......@@ -163,3 +139,10 @@ func (lp *LdapProvider) UpdateUser(username string, data User) (err error) {
return
}
func (lp *LdapProvider) GetUser(username string) (user User, err error) {
conn, _, user, err := lp.getUserByUID(username)
defer conn.Close()
return
}
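Review bot: getUserByUID now opens the connection itself and returns it together with err, and none of its callers clean up correctly when it fails. In GetUser, `defer conn.Close()` is registered before err is checked, so a failed `lp.connect()` leaves conn nil and the deferred call will likely panic; in Authenticate, SetPassword and UpdateUser the `if err != nil { return }` runs before the defer, so a failed root bind (and presumably the search and no-entry paths, whose bodies lie partly outside the hunks) returns with the root-bound connection still open. If Authenticate is reachable before login, as its name suggests, that leak can be triggered repeatedly by failed lookups and exhaust connections to the directory. I would close inside the helper on error, e.g. `defer func() { if err != nil && conn != nil { conn.Close(); conn = nil } }()` right after the successful connect, and put `if err != nil { return }` ahead of the defer in GetUser. Separately, Authenticate now fills user before `conn.Bind(entry.DN, password)`, so a wrong password returns a populated user alongside err; `user = User{}` in that error branch keeps profile data away from a caller that mishandles err.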