From 7f59729f1f6a5202c3c7ea98dd75bf8e992411a6 Mon Sep 17 00:00:00 2001
From: Alex Wright
Date: Sun, 1 Mar 2020 20:54:22 +0100
Subject: [PATCH] Create user in db after ldap-auth to FK tokens to
---
 src/main.rs | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index 74c98f7..8285423 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -64,6 +64,7 @@ struct LdapUser {
 pub groups: Vec,
 pub mail: Vec,
 pub services: Vec,
+ pub username: String,
 }
 fn auth_user(auth: &BasicAuthentication) -> Result {
@@ -83,7 +84,7 @@ fn auth_user(auth: &BasicAuthentication) -> Result {
 };
 let filter = format!("(uid={})", auth.username);
- let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["mail", "enabledService", "memberOf"]) {
+ let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["uid", "mail", "enabledService", "memberOf"]) {
 Ok(result) => {
 let (rs, _) = result.success().unwrap();
 rs
@@ -105,6 +106,10 @@ fn auth_user(auth: &BasicAuthentication) -> Result {
 Some(groups) => groups.to_vec(),
 None => [].to_vec(),
 };
+ let username = match se.attrs.get("uid") {
+ Some(username) => username[0].to_owned(),
+ None => "".to_string(),
+ };
 info!("Authentication success for {:?}", base);
 Ok(LdapUser {
@@ -112,9 +117,12 @@ fn auth_user(auth: &BasicAuthentication) -> Result {
 groups: groups,
 mail: mail,
 services: services,
+ username: username,
 })
 }
+ use models::{ User };
+
 #[derive(FromForm)]
 struct LoginData {
 username: String,
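Review bot: In the `@@ -83,7 +84,7 @@` hunk, the search that now also fetches `uid` still uses a filter built with `format!("(uid={})", auth.username)`, so filter metacharacters in the submitted name reach the directory unescaped. This commit starts using the returned `uid` as the key for the local user row, so the filter needs to match only the entry the caller named. Escape the value per RFC 4515 before interpolating it; if this is the `ldap3` crate, `let filter = format!("(uid={})", ldap_escape(&auth.username));` should be enough. The `format!` line is unchanged context, and `auth_user` starts and ends outside the hunk.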
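Review bot: The `username` extraction added in the `@@ -105,6 +106,10 @@` hunk falls back to `""` when the entry returns no `uid` attribute, and `username[0]` panics if the attribute is present with an empty value list. `login` passes this value to `User::find_or_create`, so every entry without a readable `uid` would resolve to the same empty-named row, and per the commit subject tokens are then keyed to that shared record. Treat a missing or empty `uid` as an authentication failure, for example `se.attrs.get("uid").and_then(|v| v.first()).filter(|u| !u.is_empty())` followed by an early `return Err(...)` using whatever error type `auth_user` already returns (not visible here). `auth_user` starts and ends outside this hunk.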
@@ -138,15 +146,22 @@ fn login_form(flash: Option>) -> Template {
 }
 #[post("/login", data = "")]
-fn login(form_data: Form) -> Result> {
+fn login(form_data: Form, conn: AuthDb) -> Result> {
 let auth = BasicAuthentication {
 username: form_data.username.to_owned(),
 password: form_data.password.to_owned(),
 };
- match auth_user(&auth) {
- Ok(_ldap_user) => Ok(Redirect::to("/")),
- _ => Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")),
- }
+ let ldap_user = match auth_user(&auth) {
+ Ok(ldap_user) => ldap_user,
+ _ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")),
+ };
+ let user = match User::find_or_create(&conn, ldap_user.username) {
+ Ok(user) => user,
+ _ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Failed to fetch user")),
+ };
+ println!("User: {:?}", user);
+ Ok(Redirect::to("/"))
 }
 fn jwk_from_pem(file_path: &Path) -> Result, Box> {
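Review bot: Both `_ =>` arms in `login` discard the underlying error, so a database failure in `User::find_or_create` shows up only as the flash text "Failed to fetch user", with nothing in the logs to investigate or alert on. Bind and log it instead, e.g. `Err(e) => { error!("find_or_create failed: {:?}", e); return Err(...) }`, assuming the `log` macros already used for `info!` are in scope and the error type implements `Debug`. Separately, `println!("User: {:?}", user);` writes the whole `User` record to stdout on every login and bypasses the logger. Replace it with a `debug!` that logs only the username, or remove it before merging.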