nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

improve adding ldap user
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-04-02 14:13:21 +11:00
parent 1171a7bbaa
commit a78f2b7c88
2 changed files with 33 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
README.md
View File

@@ -146,6 +146,17 @@ Body
} }
``` ```
Add an ldap user
Body
```
{
"userName": "Ldap User",
"groupName": "Users",
"ldapUser": true
}
```
Registering a user requires specifying the group to which the user will belong. There are 2 built-in groups, with groupName of 'Administrators' or 'Users' and corresponding groupId of 1 and 2 respectively. Available groups can be retrieved via the `/api/admin/groups/list` Registering a user requires specifying the group to which the user will belong. There are 2 built-in groups, with groupName of 'Administrators' or 'Users' and corresponding groupId of 1 and 2 respectively. Available groups can be retrieved via the `/api/admin/groups/list`
This operation can only be performed by a user that is a member of a group with the admin flag enabled, or a user who has the admin flag enabled individually on their database record. This operation can only be performed by a user that is a member of a group with the admin flag enabled, or a user who has the admin flag enabled individually on their database record.

36
controllers/auth.go
View File

@@ -17,9 +17,10 @@ import (
type AddUserInput struct { type AddUserInput struct {
UserName string `json:"userName" binding:"required"` UserName string `json:"userName" binding:"required"`
Password string `json:"password" binding:"required"` Password string `json:"password"`
GroupId int `json:"groupId"` GroupId int `json:"groupId"`
GroupName string `json:"groupName"` GroupName string `json:"groupName"`
LdapUser bool `json:"ldapUser"`
//RoleId int `json:"roleid"` //RoleId int `json:"roleid"`
} }
@@ -99,12 +100,17 @@ func AddUser(c *gin.Context) {
} }
if len(input.UserName) == 0 { if len(input.UserName) == 0 {
c.JSON(http.StatusBadRequest, gin.H{"error": "no username specified"}) c.JSON(http.StatusBadRequest, gin.H{"error": "username must be specified"})
return return
} }
if len(input.Password) == 0 { if len(input.Password) == 0 && !input.LdapUser {
c.JSON(http.StatusBadRequest, gin.H{"error": "no password specified"}) c.JSON(http.StatusBadRequest, gin.H{"error": "password must be specified for non-ldap user"})
return
}
if input.LdapUser && len(input.Password) > 0 {
c.JSON(http.StatusBadRequest, gin.H{"error": "password should not be specified for ldap user"})
return return
} }
@@ -161,18 +167,20 @@ func AddUser(c *gin.Context) {
return return
} }
//turn password into hash //turn password into hash if defined
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(u.Password), bcrypt.DefaultCost) if len(input.Password) > 0 {
if err != nil { hashedPassword, err := bcrypt.GenerateFromPassword([]byte(u.Password), bcrypt.DefaultCost)
c.JSON(http.StatusBadRequest, gin.H{"Error hashing password": err.Error()}) if err != nil {
return c.JSON(http.StatusBadRequest, gin.H{"Error hashing password": err.Error()})
} else { return
//log.Printf("Register generated hashed password value '%s' from '%s'\n", string(hashedPassword), input.Password) } else {
log.Printf("Register generated hashed password value '%s'\n", string(hashedPassword)) //log.Printf("Register generated hashed password value '%s' from '%s'\n", string(hashedPassword), input.Password)
log.Printf("Register generated hashed password value '%s'\n", string(hashedPassword))
}
u.Password = string(hashedPassword)
} }
u.Password = string(hashedPassword)
_, err = u.SaveUser() _, err := u.SaveUser()
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"Error saving user": err.Error()}) c.JSON(http.StatusBadRequest, gin.H{"Error saving user": err.Error()})