diff --git a/src/main.rs b/src/main.rs index 2d4af06..b3ffb03 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,44 +1,44 @@ use skynet_ldap_backend::{ - db_init, get_config, - methods::{account_new, account_recover, account_update, account_ssh}, - State, + db_init, get_config, + methods::{account_new, account_recover, account_ssh, account_update}, + State, }; #[async_std::main] async fn main() -> tide::Result<()> { - let config = get_config(); - let db = db_init(&config).await?; + let config = get_config(); + let db = db_init(&config).await?; - let host_port = config.host_port.clone(); + let host_port = config.host_port.clone(); - tide::log::start(); + tide::log::start(); - let state = State { - db, - config, - }; + let state = State { + db, + config, + }; - let mut app = tide::with_state(state); + let mut app = tide::with_state(state); - // for users to update their own profile - app.at("/ldap/update").post(account_update::submit); + // for users to update their own profile + app.at("/ldap/update").post(account_update::submit); - // for new users - app.at("/ldap/new/email").post(account_new::email::submit); - app.at("/ldap/new/account").post(account_new::account::submit); + // for new users + app.at("/ldap/new/email").post(account_new::email::submit); + app.at("/ldap/new/account").post(account_new::account::submit); - // for folks who forget password/username - app.at("/ldap/recover/password").post(account_recover::password::reset); - app.at("/ldap/recover/password/auth").post(account_recover::password::auth); - app.at("/ldap/recover/username").post(account_recover::username::submit); - app.at("/ldap/recover/ssh/request").post(account_recover::ssh::request); - app.at("/ldap/recover/ssh/verify").post(account_recover::ssh::verify); + // for folks who forget password/username + app.at("/ldap/recover/password").post(account_recover::password::reset); + app.at("/ldap/recover/password/auth").post(account_recover::password::auth); + app.at("/ldap/recover/username").post(account_recover::username::submit); + app.at("/ldap/recover/ssh/request").post(account_recover::ssh::request); + app.at("/ldap/recover/ssh/verify").post(account_recover::ssh::verify); - //for getting current ssh keys associated with the account - app.at("/ldap/ssh").post(account_ssh::get_ssh_keys); - app.at("/ldap/ssh").delete(account_ssh::remove_ssh_key); - app.at("/ldap/ssh/add").post(account_ssh::add_ssh_key); + //for getting current ssh keys associated with the account + app.at("/ldap/ssh").post(account_ssh::get_ssh_keys); + app.at("/ldap/ssh").delete(account_ssh::remove_ssh_key); + app.at("/ldap/ssh/add").post(account_ssh::add_ssh_key); - app.listen(host_port).await?; - Ok(()) + app.listen(host_port).await?; + Ok(()) } diff --git a/src/methods/account_ssh.rs b/src/methods/account_ssh.rs index d3735a0..e2b14e8 100644 --- a/src/methods/account_ssh.rs +++ b/src/methods/account_ssh.rs @@ -1,137 +1,140 @@ -use std::collections::HashSet; -use crate::{State, LdapAuthResult, LdapAuth}; +use crate::{LdapAuth, LdapAuthResult, State}; use ldap3::{LdapConn, Mod, Scope, SearchEntry}; +use std::collections::HashSet; use tide::{ - prelude::{json, Deserialize}, - Request, + prelude::{json, Deserialize}, + Request, }; #[derive(Debug, Deserialize)] pub struct SSHKey { - auth: LdapAuth, - key: String, + auth: LdapAuth, + key: String, } pub async fn add_ssh_key(mut req: Request) -> tide::Result { - let SSHKey { - auth, - key, - } = req.body_json().await?; + let SSHKey { + auth, + key, + } = req.body_json().await?; - let config = &req.state().config; + let config = &req.state().config; - let mut ldap = LdapConn::new(&config.ldap_host)?; + let mut ldap = LdapConn::new(&config.ldap_host)?; - let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user); - ldap.simple_bind(&dn, &auth.pass)?.success()?; + let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user); + ldap.simple_bind(&dn, &auth.pass)?.success()?; - let LdapAuthResult { - mut ldap, - dn, - is_skynet_user: _, - } = match crate::auth_user(&auth, config).await { - None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), - Some(x) => x, - }; + let LdapAuthResult { + mut ldap, + dn, + is_skynet_user: _, + } = match crate::auth_user(&auth, config).await { + None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), + Some(x) => x, + }; - let mods = vec![ - Mod::Add("sshPublicKey".to_string(), HashSet::from([key])), - ]; - match ldap.modify(&dn, mods) { - Ok(_) => { - ldap.unbind()?; - Ok(json!({"result": "success"}).into()) - } - Err(e) => { - dbg!(e); - ldap.unbind()?; - Ok(json!({"result": "error", "error": "Failed to add key"}).into()) - } + let mods = vec![Mod::Add("sshPublicKey".to_string(), HashSet::from([key]))]; + match ldap.modify(&dn, mods) { + Ok(_) => { + ldap.unbind()?; + Ok(json!({"result": "success"}).into()) } + Err(e) => { + dbg!(e); + ldap.unbind()?; + Ok(json!({"result": "error", "error": "Failed to add key"}).into()) + } + } } pub async fn remove_ssh_key(mut req: Request) -> tide::Result { - let SSHKey { - auth, - key, - } = req.body_json().await?; - let config = &req.state().config; - let mut ldap = LdapConn::new(&config.ldap_host)?; - let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user); + let SSHKey { + auth, + key, + } = req.body_json().await?; + let config = &req.state().config; + let mut ldap = LdapConn::new(&config.ldap_host)?; + let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user); - match ldap.simple_bind(&dn, &auth.pass) { - Ok(_) => {} - Err(e) => { - dbg!(e); - return Ok(json!({"result": "error", "error": "Failed to bind"}).into()); - } + match ldap.simple_bind(&dn, &auth.pass) { + Ok(_) => {} + Err(e) => { + dbg!(e); + return Ok(json!({"result": "error", "error": "Failed to bind"}).into()); } + } - let LdapAuthResult { - mut ldap, - dn, - is_skynet_user: _ - } = match crate::auth_user(&auth, config).await { - None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), - Some(x) => x, - }; + let LdapAuthResult { + mut ldap, + dn, + is_skynet_user: _, + } = match crate::auth_user(&auth, config).await { + None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), + Some(x) => x, + }; - let mods = vec![ - Mod::Delete("sshPublicKey".to_string(), HashSet::from([key])), - ]; + let mods = vec![Mod::Delete("sshPublicKey".to_string(), HashSet::from([key]))]; - match ldap.modify(&dn, mods) { - Ok(_) => { - ldap.unbind()?; - Ok(json!({"result": "success"}).into()) - } - Err(e) => { - dbg!(e); - ldap.unbind()?; - Ok(json!({"result": "error", "error": "Failed to remove key"}).into()) - } + match ldap.modify(&dn, mods) { + Ok(_) => { + ldap.unbind()?; + Ok(json!({"result": "success"}).into()) } + Err(e) => { + dbg!(e); + ldap.unbind()?; + Ok(json!({"result": "error", "error": "Failed to remove key"}).into()) + } + } } pub async fn get_ssh_keys(mut req: Request) -> tide::Result { - let LdapAuth { - user, - pass - } = req.body_json().await?; - let config = &req.state().config; + let LdapAuth { + user, + pass, + } = req.body_json().await?; + let config = &req.state().config; - let mut ldap = LdapConn::new(&config.ldap_host)?; + let mut ldap = LdapConn::new(&config.ldap_host)?; - let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user); - ldap.simple_bind(&dn, &pass)?.success()?; + let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user); + ldap.simple_bind(&dn, &pass)?.success()?; - let LdapAuthResult { - mut ldap, - dn, - is_skynet_user: _, - } = match crate::auth_user(&LdapAuth { user, pass }, config).await { - None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), - Some(x) => if x.is_skynet_user { - x - } else { - return Ok(json!({"result": "error", "error": "Not a skynet user"}).into()); - } - }; - - - let mut keys: Vec = vec![]; - let (rs, _res) = ldap.search(&dn, Scope::Base, "(objectClass=*)", vec!["sshPublicKey"])?.success()?; - for entry in rs { - let tmp = SearchEntry::construct(entry); - if tmp.attrs.contains_key("sshPublicKey") { - for key in tmp.attrs["sshPublicKey"].clone() { - keys.push(key); - } - } + let LdapAuthResult { + mut ldap, + dn, + is_skynet_user: _, + } = match crate::auth_user( + &LdapAuth { + user, + pass, + }, + config, + ) + .await + { + None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()), + Some(x) => { + if x.is_skynet_user { + x + } else { + return Ok(json!({"result": "error", "error": "Not a skynet user"}).into()); + } } - ldap.unbind()?; + }; - Ok(json!({"result": "success", "success": keys}).into()) + let mut keys: Vec = vec![]; + let (rs, _res) = ldap.search(&dn, Scope::Base, "(objectClass=*)", vec!["sshPublicKey"])?.success()?; + for entry in rs { + let tmp = SearchEntry::construct(entry); + if tmp.attrs.contains_key("sshPublicKey") { + for key in tmp.attrs["sshPublicKey"].clone() { + keys.push(key); + } + } + } + ldap.unbind()?; + + Ok(json!({"result": "success", "success": keys}).into()) } - - diff --git a/src/methods/mod.rs b/src/methods/mod.rs index 1662270..311c6f1 100644 --- a/src/methods/mod.rs +++ b/src/methods/mod.rs @@ -1,4 +1,4 @@ pub mod account_new; pub mod account_recover; -pub mod account_update; -pub mod account_ssh; \ No newline at end of file +pub mod account_ssh; +pub mod account_update; \ No newline at end of file