Create user in db after ldap-auth to FK tokens to
This commit is contained in:
Alex Wright
parent
03c988dafe
commit
7f59729f1f
27
src/main.rs
27
src/main.rs
|
|
@ -64,6 +64,7 @@ struct LdapUser {
|
|||
pub groups: Vec<String>,
|
||||
pub mail: Vec<String>,
|
||||
pub services: Vec<String>,
|
||||
pub username: String,
|
||||
}
|
||||
|
||||
fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
|
||||
|
|
@ -83,7 +84,7 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
|
|||
};
|
||||
|
||||
let filter = format!("(uid={})", auth.username);
|
||||
let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["mail", "enabledService", "memberOf"]) {
|
||||
let s = match ldap.search(&base, Scope::Subtree, &filter, vec!["uid", "mail", "enabledService", "memberOf"]) {
|
||||
Ok(result) => {
|
||||
let (rs, _) = result.success().unwrap();
|
||||
rs
|
||||
|
|
@ -105,6 +106,10 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
|
|||
Some(groups) => groups.to_vec(),
|
||||
None => [].to_vec(),
|
||||
};
|
||||
let username = match se.attrs.get("uid") {
|
||||
Some(username) => username[0].to_owned(),
|
||||
None => "".to_string(),
|
||||
};
|
||||
|
||||
info!("Authentication success for {:?}", base);
|
||||
Ok(LdapUser {
|
||||
|
|
@ -112,9 +117,12 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
|
|||
groups: groups,
|
||||
mail: mail,
|
||||
services: services,
|
||||
username: username,
|
||||
})
|
||||
}
|
||||
|
||||
use models::{ User };
|
||||
|
||||
#[derive(FromForm)]
|
||||
struct LoginData {
|
||||
username: String,
|
||||
|
|
@ -138,15 +146,22 @@ fn login_form(flash: Option<FlashMessage<'_, '_>>) -> Template {
|
|||
}
|
||||
|
||||
#[post("/login", data = "<form_data>")]
|
||||
fn login(form_data: Form<LoginData>) -> Result<Redirect, Flash<Redirect>> {
|
||||
fn login(form_data: Form<LoginData>, conn: AuthDb) -> Result<Redirect, Flash<Redirect>> {
|
||||
let auth = BasicAuthentication {
|
||||
username: form_data.username.to_owned(),
|
||||
password: form_data.password.to_owned(),
|
||||
};
|
||||
match auth_user(&auth) {
|
||||
Ok(_ldap_user) => Ok(Redirect::to("/")),
|
||||
_ => Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")),
|
||||
}
|
||||
let ldap_user = match auth_user(&auth) {
|
||||
Ok(ldap_user) => ldap_user,
|
||||
_ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Not able to authenticate with given credentials.")),
|
||||
};
|
||||
let user = match User::find_or_create(&conn, ldap_user.username) {
|
||||
Ok(user) => user,
|
||||
_ => return Err(Flash::error(Redirect::to(uri!(login_form)), "Failed to fetch user")),
|
||||
};
|
||||
println!("User: {:?}", user);
|
||||
|
||||
Ok(Redirect::to("/"))
|
||||
}
|
||||
|
||||
fn jwk_from_pem(file_path: &Path) -> Result<JWK<Empty>, Box<dyn std::error::Error + 'static>> {
|
||||
|
|
|
|||
Loading…
Reference in New Issue