work on LDAP

models/ldap.go

@@ -22,7 +22,8 @@ type LdapConfig struct {
 }
 
 var systemCA *x509.CertPool
-var certLoaded bool
+var CertLoaded bool
+var LdapEnabled bool
 
 func GetFilePath(path string) string {
 	// Check for empty filename
@@ -80,7 +81,7 @@ func LoadLdapCert() {
 		// Add custom certificate to the system cert pool
 		systemCA.AddCert(crt)
 
-		certLoaded = true
+		CertLoaded = true
 	}
 }
 
@@ -91,6 +92,8 @@ func VerifyLdapCreds(username string, password string) bool {
 	if ldapServer == "" {
 		log.Printf("VerifyLdapCreds no LDAP bind address supplied\n")
 		return false
+	} else {
+		LdapEnabled = true
 	}
 
 	ldapBaseDn := os.Getenv("LDAP_BASE_DN")

models/user.go

@@ -1,6 +1,7 @@
 package models
 
 import (
+	"database/sql"
 	"errors"
 	"log"
 	"net/http"
@@ -91,6 +92,18 @@ func LoginCheck(username string, password string) (string, error) {
 	err = db.QueryRowx("SELECT * FROM Users WHERE Username=?", username).StructScan(&u)
 
 	if err != nil {
+		if err == sql.ErrNoRows {
+			// check LDAP if enabled
+			if LdapEnabled {
+				//check, err := LdapLoginCheck(username, password)
+				check := VerifyLdapCreds(username, password)
+				if check {
+					u.UserId = StoreLdapUser(username)
+				}
+			} else {
+				return "", errors.New("specified user not found in database")
+			}
+		}
 		log.Printf("LoginCheck error retrieving user from database : '%s'\n", err)
 		return "", err
 	} else {
@@ -120,6 +133,14 @@ func LoginCheck(username string, password string) (string, error) {
 
 }
 
+// StoreLdapUser creates a user record in the database and returns the corresponding userId
+func StoreLdapUser(username string) int {
+
+	// TODO
+
+	return 99
+}
+
 func GetUserByID(uid uint) (User, error) {
 
 	var u User