feat: able to deal with password changes now
parent
b1b533226a
commit
1b5563301f
1 changed files with 17 additions and 8 deletions
25
src/main.rs
25
src/main.rs
|
@ -107,24 +107,33 @@ async fn post_update_ldap(mut req: Request<State>) -> tide::Result {
|
||||||
ldap.simple_bind(&dn, &pass)?.success()?;
|
ldap.simple_bind(&dn, &pass)?.success()?;
|
||||||
|
|
||||||
// always assume insecure
|
// always assume insecure
|
||||||
let mut secure = false;
|
let mut pw_keep_same = false;
|
||||||
|
|
||||||
// get the users current password hash
|
// get the users current password hash
|
||||||
let (rs, _res) = ldap.search(&dn,Scope::Base,"(objectClass=*)",vec!["userPassword"])?.success()?;
|
let (rs, _res) = ldap.search(&dn,Scope::Base,"(objectClass=*)",vec!["userPassword"])?.success()?;
|
||||||
if !rs.is_empty() {
|
if !rs.is_empty() {
|
||||||
let tmp = SearchEntry::construct(rs[0].clone());
|
let tmp = SearchEntry::construct(rs[0].clone());
|
||||||
if !tmp.attrs["userPassword"].is_empty() && tmp.attrs["userPassword"][0].starts_with("{SHA512}") {
|
if !tmp.attrs["userPassword"].is_empty() && tmp.attrs["userPassword"][0].starts_with("{SHA512}") {
|
||||||
secure = true;
|
pw_keep_same = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
let mut mods = vec![
|
|
||||||
Mod::Replace(field, HashSet::from([value]))
|
let mut mods = vec![];
|
||||||
];
|
|
||||||
|
// check if the password field itself is being updated
|
||||||
if !secure {
|
let pass_new = if &field != "userPassword" {
|
||||||
|
mods.push(Mod::Replace(field, HashSet::from([value])));
|
||||||
|
// retain the older password
|
||||||
|
pass
|
||||||
|
} else {
|
||||||
|
pw_keep_same = false;
|
||||||
|
value
|
||||||
|
};
|
||||||
|
|
||||||
|
if !pw_keep_same {
|
||||||
let mut hasher = Sha512::new();
|
let mut hasher = Sha512::new();
|
||||||
|
|
||||||
hasher.input_str(&pass);
|
hasher.input_str(&pass_new);
|
||||||
|
|
||||||
// get it as hex string
|
// get it as hex string
|
||||||
let hex = hasher.result_str();
|
let hex = hasher.result_str();
|
||||||
|
|
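Review bot: The new check `&field != "userPassword"` compares the attribute name case-sensitively, but LDAP attribute names are case-insensitive, so a differently cased name such as `userpassword` is treated as an ordinary attribute and written through `Mod::Replace(field, …)` with the raw value instead of taking the hashing path. Use `field.eq_ignore_ascii_case("userPassword")`, and preferably validate `field` against an allowlist of attributes a user may edit before building `mods`. The password branch also takes `value` as the new password without checking that it is non-empty. The rest of `post_update_ldap`, including where the hash is pushed into `mods`, lies outside the visible hunk, so the effect on the final modify request should be confirmed there.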