# Skynet LDAP backend
Basic information on the Skynet LDAP backend for use on <https://account.skynet.ie>.
### Error: HTTP 500
No indication of the issue is returned to the frontend.
## Routes
Base URL: <https://api.account.skynet.ie>
### POST /ldap/update
Fields:
* userPassword
* mail
* sshPublicKey
* cn
* sn
* skDiscord
```json
{
"user" : "username",
"pass" : "password",
"field": "field to change",
"value": "new value of field"
}
```
Success:
Each value is either a string or ``null``.
```json
{
"result": "success",
"success": {
"cn": "Firstname Surname",
"mail": "Email address",
"skDiscord": null,
"sshPublicKey": "ssh key"
}
}
```
Changing ``userPassword`` requires the existing password in the password (``pass``) field and the new one in the ``value`` field.
### POST /ldap/new/email
Kickstarts the process of signing up to Skynet.
```json
{
"email" : "User's wolves email"
}
```
### POST /ldap/new/account
Verifies the user has access to this email.
```json
{
"auth" : "Authcode from the email",
"user" : "username the user wants",
"pass" : "password the user wants"
}
```
Username taken:
```json
{"result": "error", "error": "username not available"}
```
Invalid Auth:
```json
{"result": "error", "error": "Invalid auth"}
```
### POST /ldap/recover/username
Sends an email to the given address reminding the user of their username (if there is an account associated with that address).
```json
{
"email" : "email looking for reminder"
}
```
### POST /ldap/recover/password
```json
{
"user" : "[OPTIONAL] username looking for reset",
"email" : "[OPTIONAL] email looking for reset"
}
```
All responses:
```json
{"result": "success"}
```
### POST /ldap/recover/password/auth
```json
{
"auth" : "Auth key from the email",
"pass" : "Password the user chooses"
}
```
Early Errors:
```json
{"result": "error"}
```
LDAP error:
```json
{"result": "error", "error": "ldap error"}
```
Success:
```json
{"result": "success", "success": "Password set"}
```
### POST /ldap/recover/ssh/request
This endpoint can set emails for old Skynet members who previously logged in via SSH keys.
1. Make a request for their account.
2. A list of public keys will be displayed.
3. Sign the auth code using one of the private keys.
4. Submit the PEM value.
```bash
echo "auth code" | ssh-keygen -Y sign -n file -f /path/to/private/key
```
```json
{
"user" : "Skynet username",
"email" : "Email to set"
}
```
Errors:
```json
{"result": "error", "error": "Skynet email not permitted."}
```
Success:
```json
{ "result": "success", "success": { "auth": "", "keys": [] }}
```
```json
{ "result": "success", "success": { "auth": "code here", "keys": ["key 1", "key 2"] }}
```
### POST /ldap/recover/ssh/verify
```json
{
"user" : "Skynet username",
"auth_signed" : "signed auth code"
}
```
#### Errors
```json
{ "result": "error"}
```
```json
{ "result": "error", "error": "Incorrect signed format"}
```
```json
{"result": "error", "error": "no valid key"}
```
#### Success
```json
{"result": "success", "success": "key valid"}
```
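The format and key-membership checks a server could run on `auth_signed` before cryptographic verification, as an added example that is not code from this project. It assumes `auth_signed` is the armored output of the `ssh-keygen -Y sign -n file` command above and follows the SSHSIG layout from OpenSSH's PROTOCOL.sshsig. The mapping of failures onto the README's error strings is an assumption, and `precheck`, `sample_envelope` and the sample key are hypothetical, constructed names.

```python
import base64
import struct
BEGIN, END = "-----BEGIN SSH SIGNATURE-----", "-----END SSH SIGNATURE-----"

def _s(b):  # SSH wire string: uint32 big-endian length, then the bytes
    return struct.pack(">I", len(b)) + b

def _strings(buf, count):
    """Read exactly `count` SSH wire strings from buf, rejecting leftovers."""
    out, pos = [], 0
    for _ in range(count):
        (n,) = struct.unpack(">I", buf[pos:pos + 4])
        if pos + 4 + n > len(buf):
            raise ValueError("truncated string")
        out.append(buf[pos + 4:pos + 4 + n])
        pos += 4 + n
    if pos != len(buf):
        raise ValueError("trailing data")
    return out

def precheck(auth_signed, account_keys, namespace=b"file"):
    """Return the stored key line the envelope names, else raise ValueError."""
    lines = [l.strip() for l in auth_signed.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("Incorrect signed format")
    try:
        blob = base64.b64decode("".join(lines[1:-1]), validate=True)
        if blob[:6] != b"SSHSIG" or struct.unpack(">I", blob[6:10])[0] != 1:
            raise ValueError("bad magic or version")
        pubkey, ns, _reserved, hash_alg, _sig = _strings(blob[10:], 5)
    except (ValueError, struct.error) as exc:
        raise ValueError("Incorrect signed format") from exc
    # The namespace must match "-n file", or the signature was made for another use.
    if ns != namespace or hash_alg not in (b"sha256", b"sha512"):
        raise ValueError("Incorrect signed format")
    want = base64.b64encode(pubkey).decode()
    for line in account_keys:
        fields = line.split()
        if len(fields) >= 2 and fields[1] == want:
            return line
    raise ValueError("no valid key")

# Constructed sample: zero bytes stand in for a real key and signature.
SAMPLE_KEY_BLOB = _s(b"ssh-ed25519") + _s(bytes(32))
SAMPLE_KEY_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_KEY_BLOB).decode() + " constructed"
def sample_envelope(namespace=b"file"):
    fields = [SAMPLE_KEY_BLOB, namespace, b"", b"sha512", _s(b"ssh-ed25519") + _s(bytes(64))]
    body = b"SSHSIG" + struct.pack(">I", 1) + b"".join(_s(f) for f in fields)
    return "\n".join([BEGIN, base64.b64encode(body).decode(), END])
```

A passing pre-check only selects which stored key to verify against. The signature itself must still be verified over the exact auth code that was issued, for example with `ssh-keygen -Y verify`.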
## Responses
Generic responses, used unless otherwise specified above.
### Success: HTTP 200
```json
{
"result": "success"
}
```