Add route for Basic HTTP auth
This commit is contained in:
Pierre-Olivier Mercier
59
login.go
59
login.go
@@ -1,31 +1,38 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"html/template"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"gopkg.in/ldap.v2"
|
||||
)
|
||||
|
||||
func login(login string, password string) ([]*ldap.EntryAttribute, error) {
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
return nil, err
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
return nil, err
|
||||
} else if dn, err := conn.SearchDN(login); err != nil {
|
||||
return nil, err
|
||||
} else if err := conn.Bind(dn, password); err != nil {
|
||||
return nil, err
|
||||
} else if entries, err := conn.GetEntry(dn); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
return entries, nil
|
||||
}
|
||||
}
|
||||
|
||||
func tryLogin(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != "POST" {
|
||||
displayTmpl(w, "login.html", map[string]interface{}{})
|
||||
return
|
||||
}
|
||||
|
||||
conn, err := myLDAP.Connect()
|
||||
if err != nil || conn == nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if err := conn.ServiceBind(); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusUnauthorized, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else if entries, err := conn.GetEntry(dn); err != nil {
|
||||
if entries, err := login(r.PostFormValue("login"), r.PostFormValue("password")); err != nil {
|
||||
log.Println(err)
|
||||
displayTmplError(w, http.StatusInternalServerError, "login.html", map[string]interface{}{"error": err.Error()})
|
||||
} else {
|
||||
@@ -42,3 +49,27 @@ func tryLogin(w http.ResponseWriter, r *http.Request) {
|
||||
displayTmpl(w, "message.html", map[string]interface{}{"details": template.HTML(`Login ok<br><br>Here are the information we have about you:` + cnt + "</ul>")})
|
||||
}
|
||||
}
|
||||
|
||||
func httpBasicAuth(w http.ResponseWriter, r *http.Request) {
|
||||
if user, pass, ok := r.BasicAuth(); ok {
|
||||
if entries, err := login(user, pass); err != nil {
|
||||
w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
w.Write([]byte(err.Error()))
|
||||
} else {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
for _, e := range entries {
|
||||
for _, v := range e.Values {
|
||||
if e.Name != "userPassword" {
|
||||
w.Write([]byte(fmt.Sprintf("%s: %s", e.Name, v)))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
} else {
|
||||
w.Header().Set("WWW-Authenticate", `Basic realm="nemunai.re restricted"`)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
w.Write([]byte("Please login"))
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user