ldap_backend/src/lib.rs

195 lines
5.7 KiB
Rust
Raw Normal View History

pub mod methods;
use dotenv::dotenv;
2023-06-04 21:06:34 +00:00
use ldap3::{LdapConn, Scope, SearchEntry};
2023-05-25 23:02:12 +00:00
use sqlx::sqlite::{SqliteConnectOptions, SqlitePoolOptions};
use sqlx::{Error, Pool, Sqlite};
use std::env;
2023-05-25 23:02:12 +00:00
use std::str::FromStr;
use std::time::{SystemTime, UNIX_EPOCH};
use tide::prelude::*;
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
pub struct AccountsPending {
user: String,
mail: String,
cn: String,
sn: String,
2023-06-04 21:06:34 +00:00
auth_code: String,
// action will be what to do with it
action: String,
// will only last for a few hours
2023-06-04 21:06:34 +00:00
expiry: i64,
}
2023-05-25 23:02:12 +00:00
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
pub struct Accounts {
user: String,
uid_number: i64,
discord: Option<String>,
2023-06-04 21:06:34 +00:00
enabled: bool,
}
pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
let database = format!("{}/{}", &config.home, &config.database);
2023-05-25 23:02:12 +00:00
let pool = SqlitePoolOptions::new()
.max_connections(5)
.connect_with(SqliteConnectOptions::from_str(&format!("sqlite://{}", database))?.create_if_missing(true))
.await?;
sqlx::query(
"CREATE TABLE IF NOT EXISTS accounts_pending (
user text primary key,
mail text not null,
cn text not null,
sn text not null,
action text not null,
auth_code text not null,
expiry integer not null
2023-05-25 23:02:12 +00:00
)",
)
.execute(&pool)
.await?;
2023-05-25 23:51:36 +00:00
// this is for active use
sqlx::query(
"CREATE TABLE IF NOT EXISTS accounts (
user text primary key,
uid_number integer not null,
discord text,
enabled integer not null
)",
2023-06-04 21:06:34 +00:00
)
.execute(&pool)
.await?;
2023-06-04 21:06:34 +00:00
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid_number)")
.execute(&pool)
.await?;
update_accounts(&pool, config).await;
2023-06-04 21:06:34 +00:00
2023-05-25 23:02:12 +00:00
Ok(pool)
}
pub fn get_now() -> i64 {
if let Ok(x) = SystemTime::now().duration_since(UNIX_EPOCH) {
x.as_secs() as i64
} else {
0
}
}
#[derive(Clone)]
pub struct State {
pub db: Pool<Sqlite>,
pub config: Config,
}
#[derive(Debug, Clone)]
pub struct Config {
pub ldap_host: String,
pub ldap_admin: String,
pub ldap_admin_pw: String,
pub home: String,
pub database: String,
pub csv: String,
pub host_port: String,
}
pub fn get_config() -> Config {
dotenv().ok();
// reasonable defaults
let mut config = Config {
ldap_host: "".to_string(),
ldap_admin: "".to_string(),
ldap_admin_pw: "".to_string(),
home: ".".to_string(),
database: "database.db".to_string(),
csv: "wolves.csv".to_string(),
host_port: "127.0.0.1:8087".to_string(),
};
if let Ok(x) = env::var("LDAP_HOST") {
config.ldap_host = x.trim().to_string();
}
if let Ok(x) = env::var("LDAP_ADMIN") {
config.ldap_admin = x.trim().to_string();
}
if let Ok(x) = env::var("LDAP_ADMIN_PW") {
config.ldap_admin_pw = x.trim().to_string();
}
if let Ok(x) = env::var("HOME") {
config.home = x.trim().to_string();
}
if let Ok(x) = env::var("DATABASE") {
config.database = x.trim().to_string();
}
if let Ok(x) = env::var("CSV") {
config.csv = x.trim().to_string();
}
if let Ok(x) = env::var("HOST_PORT") {
config.host_port = x.trim().to_string();
}
config
}
async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
let mut ldap = LdapConn::new(&config.ldap_host).unwrap();
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw).unwrap().success().unwrap();
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, "(objectClass=*)", vec!["uid", "uidNumber", "skDiscord", "skMemberOf"]) {
if let Ok((rs, _res)) = x.success() {
for entry in rs {
let tmp = SearchEntry::construct(entry);
let mut tmp_account = Accounts {
user: "".to_string(),
uid_number: 0,
discord: None,
enabled: false,
};
2023-06-04 21:06:34 +00:00
// pull out the required info
if tmp.attrs.contains_key("uid") && !tmp.attrs["uid"].is_empty() {
tmp_account.user = tmp.attrs["uid"][0].clone();
}
if tmp.attrs.contains_key("uidNumber") && !tmp.attrs["uidNumber"].is_empty() {
tmp_account.uid_number = tmp.attrs["uidNumber"][0].clone().parse().unwrap_or(0);
}
if tmp.attrs.contains_key("skDiscord") && !tmp.attrs["skDiscord"].is_empty() {
tmp_account.discord = Option::from(tmp.attrs["skDiscord"][0].clone());
}
if tmp.attrs.contains_key("skMemberOf")
&& !tmp.attrs["skMemberOf"].is_empty()
&& tmp.attrs["skMemberOf"].contains(&String::from("cn=skynet-users-linux,ou=groups,dc=skynet,dc=ie"))
{
tmp_account.enabled = true;
}
2023-06-04 21:06:34 +00:00
if !tmp_account.user.is_empty() {
sqlx::query_as::<_, Accounts>(
2023-06-04 21:06:34 +00:00
"
INSERT OR REPLACE INTO accounts (user, uid_number, discord, enabled)
VALUES (?1, ?2, ?3, ?4)
",
)
2023-06-04 21:06:34 +00:00
.bind(&tmp_account.user)
.bind(tmp_account.uid_number)
.bind(&tmp_account.discord)
.bind(tmp_account.enabled)
.fetch_optional(pool)
.await
.ok();
}
}
}
}
// done with ldap
ldap.unbind().unwrap();
}