Create user in db after ldap-auth to FK tokens to

Alex Wright 2020-03-01 20:54:22 +01:00
parent 03c988dafe
commit 7f59729f1f
1 changed files with 21 additions and 6 deletions


@ -64,6 +64,7 @@ struct LdapUser {
pub groups: Vec<String>, pub groups: Vec<String>,
pub mail: Vec<String>, pub mail: Vec<String>,
pub services: Vec<String>, pub services: Vec<String>,
pub username: String,
} }
fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> { fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
@ -83,7 +84,7 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
}; };
let filter = format!("(uid={})", auth.username); let filter = format!("(uid={})", auth.username);
let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["mail", "enabledService", "memberOf"]) { let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["uid", "mail", "enabledService", "memberOf"]) {
Ok(result) => { Ok(result) => {
let (rs, _) = result.success().unwrap(); let (rs, _) = result.success().unwrap();
rs rs
@ -105,6 +106,10 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
Some(groups) => groups.to_vec(), Some(groups) => groups.to_vec(),
None => [].to_vec(), None => [].to_vec(),
}; };
let username = match se.attrs.get("uid") {
Some(username) => username[0].to_owned(),
None => "".to_string(),
};
info!("Authentication success for {:?}", base); info!("Authentication success for {:?}", base);
Ok(LdapUser { Ok(LdapUser {
@ -112,9 +117,12 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
groups: groups, groups: groups,
mail: mail, mail: mail,
services: services, services: services,
username: username,
}) })
} }
use models::{ User };
#[derive(FromForm)] #[derive(FromForm)]
struct LoginData { struct LoginData {
username: String, username: String,
@ -138,15 +146,22 @@ fn login_form(flash: Option<FlashMessage<'_, '_>>) -> Template {
} }
#[post("/login", data = "<form_data>")] #[post("/login", data = "<form_data>")]
fn login(form_data: Form<LoginData>) -> Result<Redirect, Flash<Redirect>> { fn login(form_data: Form<LoginData>, conn: AuthDb) -> Result<Redirect, Flash<Redirect>> {
let auth = BasicAuthentication { let auth = BasicAuthentication {
username: form_data.username.to_owned(), username: form_data.username.to_owned(),
password: form_data.password.to_owned(), password: form_data.password.to_owned(),
}; };
match auth_user(&auth) { let ldap_user = match auth_user(&auth) {
Ok(_ldap_user) => Ok(Redirect::to("/")), Ok(ldap_user) => ldap_user,
_ => Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")), _ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")),
} };
let user = match User::find_or_create(&conn, ldap_user.username) {
Ok(user) => user,
_ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Failed to fetch user")),
};
println!("User: {:?}", user);
Ok(Redirect::to("/"))
} }
fn jwk_from_pem(file_path: &Path) -> Result<JWK<Empty>, Box<dyn std::error::Error + 'static>> { fn jwk_from_pem(file_path: &Path) -> Result<JWK<Empty>, Box<dyn std::error::Error + 'static>> {
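Review bot: In the last hunk, `login` hands `ldap_user.username` to `User::find_or_create` even when `auth_user` fell back to `"".to_string()` because the entry had no `uid`, so every such login would resolve to one shared row keyed by the empty string, which is presumably the row the tokens named in the title will reference. `username[0]` would also panic if the attribute ever came back with no values; `username.first().cloned().unwrap_or_default()` avoids that, and `login` should refuse an empty name before touching the database, e.g. `if ldap_user.username.is_empty() { return Err(Flash::error(Redirect::to(uri!(login_form)), "Failed to fetch user")); }`. The unchanged line `format!("(uid={})", auth.username)` builds the filter from unescaped form input, so the `uid` that comes back is not guaranteed to equal what was submitted; since that value now becomes the database key, escaping the filter value belongs in the same change. `println!("User: {:?}", user)` writes the whole user record to stdout on every login, whereas the file already uses `info!`, and logging only the username would be enough.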