100 lines
2.1 KiB
Go
100 lines
2.1 KiB
Go
package main
|
|
|
|
import (
|
|
"embed"
|
|
"fmt"
|
|
"io/fs"
|
|
"net/http"
|
|
"os"
|
|
|
|
"github.com/gorilla/mux"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
var (
|
|
//go:embed assets
|
|
assetFS embed.FS
|
|
|
|
log = &logrus.Logger{
|
|
Out: os.Stderr,
|
|
Formatter: &logrus.TextFormatter{
|
|
DisableTimestamp: true,
|
|
},
|
|
Hooks: logrus.LevelHooks{},
|
|
Level: logrus.InfoLevel,
|
|
ExitFunc: os.Exit,
|
|
ReportCaller: false,
|
|
}
|
|
)
|
|
|
|
func main() {
|
|
cfg, err := parseConfig()
|
|
if err != nil {
|
|
log.Fatalf("Configuration error: %s", err)
|
|
}
|
|
|
|
ldap, err := newLDAP(cfg.Ldap)
|
|
if err != nil {
|
|
log.Fatalf("Error initializing LDAP connection: %s", err)
|
|
}
|
|
|
|
assetHandler, err := initAssets()
|
|
if err != nil {
|
|
log.Fatalf("Error initializing assets: %s", err)
|
|
}
|
|
|
|
r := mux.NewRouter()
|
|
r.Path("/api/change-password").Handler(changePasswordHandler(ldap))
|
|
r.PathPrefix("/").Handler(assetHandler)
|
|
|
|
log.Infof("Listening on %s...", cfg.ListenAddr)
|
|
log.Error(http.ListenAndServe(cfg.ListenAddr, r))
|
|
}
|
|
|
|
func initAssets() (http.Handler, error) {
|
|
subDir, err := fs.Sub(assetFS, "assets")
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return http.FileServer(http.FS(subDir)), nil
|
|
}
|
|
|
|
func changePasswordHandler(ldap *ldapConnection) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
if err := r.ParseForm(); err != nil {
|
|
http.Error(w, fmt.Sprintf("Error parsing form: %s", err), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
username := r.Form.Get("username")
|
|
password := r.Form.Get("password")
|
|
|
|
newPassword := r.Form.Get("new-password")
|
|
newPasswordRepeat := r.Form.Get("repeat-password")
|
|
|
|
if username == "" || password == "" || newPassword == "" || newPasswordRepeat == "" {
|
|
http.Error(w, "All fields are needed!", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
if newPassword != newPasswordRepeat {
|
|
http.Error(w, "New passwords do not match!", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
ok, err := ldap.ChangePassword(username, password, newPassword)
|
|
if err != nil {
|
|
http.Error(w, fmt.Sprintf("Error changing password: %s", err), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
if !ok {
|
|
http.Error(w, "Login not valid!", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
}
|
|
}
|