fmt : rustrover formatter is different from cargo fmt ¯\_(ツ)_/¯
This commit is contained in:
parent
0638f48397
commit
2e0ba6e53c
3 changed files with 138 additions and 135 deletions
58
src/main.rs
58
src/main.rs
|
@ -1,44 +1,44 @@
|
||||||
use skynet_ldap_backend::{
|
use skynet_ldap_backend::{
|
||||||
db_init, get_config,
|
db_init, get_config,
|
||||||
methods::{account_new, account_recover, account_update, account_ssh},
|
methods::{account_new, account_recover, account_ssh, account_update},
|
||||||
State,
|
State,
|
||||||
};
|
};
|
||||||
|
|
||||||
#[async_std::main]
|
#[async_std::main]
|
||||||
async fn main() -> tide::Result<()> {
|
async fn main() -> tide::Result<()> {
|
||||||
let config = get_config();
|
let config = get_config();
|
||||||
let db = db_init(&config).await?;
|
let db = db_init(&config).await?;
|
||||||
|
|
||||||
let host_port = config.host_port.clone();
|
let host_port = config.host_port.clone();
|
||||||
|
|
||||||
tide::log::start();
|
tide::log::start();
|
||||||
|
|
||||||
let state = State {
|
let state = State {
|
||||||
db,
|
db,
|
||||||
config,
|
config,
|
||||||
};
|
};
|
||||||
|
|
||||||
let mut app = tide::with_state(state);
|
let mut app = tide::with_state(state);
|
||||||
|
|
||||||
// for users to update their own profile
|
// for users to update their own profile
|
||||||
app.at("/ldap/update").post(account_update::submit);
|
app.at("/ldap/update").post(account_update::submit);
|
||||||
|
|
||||||
// for new users
|
// for new users
|
||||||
app.at("/ldap/new/email").post(account_new::email::submit);
|
app.at("/ldap/new/email").post(account_new::email::submit);
|
||||||
app.at("/ldap/new/account").post(account_new::account::submit);
|
app.at("/ldap/new/account").post(account_new::account::submit);
|
||||||
|
|
||||||
// for folks who forget password/username
|
// for folks who forget password/username
|
||||||
app.at("/ldap/recover/password").post(account_recover::password::reset);
|
app.at("/ldap/recover/password").post(account_recover::password::reset);
|
||||||
app.at("/ldap/recover/password/auth").post(account_recover::password::auth);
|
app.at("/ldap/recover/password/auth").post(account_recover::password::auth);
|
||||||
app.at("/ldap/recover/username").post(account_recover::username::submit);
|
app.at("/ldap/recover/username").post(account_recover::username::submit);
|
||||||
app.at("/ldap/recover/ssh/request").post(account_recover::ssh::request);
|
app.at("/ldap/recover/ssh/request").post(account_recover::ssh::request);
|
||||||
app.at("/ldap/recover/ssh/verify").post(account_recover::ssh::verify);
|
app.at("/ldap/recover/ssh/verify").post(account_recover::ssh::verify);
|
||||||
|
|
||||||
//for getting current ssh keys associated with the account
|
//for getting current ssh keys associated with the account
|
||||||
app.at("/ldap/ssh").post(account_ssh::get_ssh_keys);
|
app.at("/ldap/ssh").post(account_ssh::get_ssh_keys);
|
||||||
app.at("/ldap/ssh").delete(account_ssh::remove_ssh_key);
|
app.at("/ldap/ssh").delete(account_ssh::remove_ssh_key);
|
||||||
app.at("/ldap/ssh/add").post(account_ssh::add_ssh_key);
|
app.at("/ldap/ssh/add").post(account_ssh::add_ssh_key);
|
||||||
|
|
||||||
app.listen(host_port).await?;
|
app.listen(host_port).await?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,137 +1,140 @@
|
||||||
use std::collections::HashSet;
|
use crate::{LdapAuth, LdapAuthResult, State};
|
||||||
use crate::{State, LdapAuthResult, LdapAuth};
|
|
||||||
use ldap3::{LdapConn, Mod, Scope, SearchEntry};
|
use ldap3::{LdapConn, Mod, Scope, SearchEntry};
|
||||||
|
use std::collections::HashSet;
|
||||||
use tide::{
|
use tide::{
|
||||||
prelude::{json, Deserialize},
|
prelude::{json, Deserialize},
|
||||||
Request,
|
Request,
|
||||||
};
|
};
|
||||||
|
|
||||||
#[derive(Debug, Deserialize)]
|
#[derive(Debug, Deserialize)]
|
||||||
pub struct SSHKey {
|
pub struct SSHKey {
|
||||||
auth: LdapAuth,
|
auth: LdapAuth,
|
||||||
key: String,
|
key: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn add_ssh_key(mut req: Request<State>) -> tide::Result {
|
pub async fn add_ssh_key(mut req: Request<State>) -> tide::Result {
|
||||||
let SSHKey {
|
let SSHKey {
|
||||||
auth,
|
auth,
|
||||||
key,
|
key,
|
||||||
} = req.body_json().await?;
|
} = req.body_json().await?;
|
||||||
|
|
||||||
let config = &req.state().config;
|
let config = &req.state().config;
|
||||||
|
|
||||||
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
||||||
|
|
||||||
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user);
|
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user);
|
||||||
ldap.simple_bind(&dn, &auth.pass)?.success()?;
|
ldap.simple_bind(&dn, &auth.pass)?.success()?;
|
||||||
|
|
||||||
let LdapAuthResult {
|
let LdapAuthResult {
|
||||||
mut ldap,
|
mut ldap,
|
||||||
dn,
|
dn,
|
||||||
is_skynet_user: _,
|
is_skynet_user: _,
|
||||||
} = match crate::auth_user(&auth, config).await {
|
} = match crate::auth_user(&auth, config).await {
|
||||||
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
||||||
Some(x) => x,
|
Some(x) => x,
|
||||||
};
|
};
|
||||||
|
|
||||||
let mods = vec![
|
let mods = vec![Mod::Add("sshPublicKey".to_string(), HashSet::from([key]))];
|
||||||
Mod::Add("sshPublicKey".to_string(), HashSet::from([key])),
|
match ldap.modify(&dn, mods) {
|
||||||
];
|
Ok(_) => {
|
||||||
match ldap.modify(&dn, mods) {
|
ldap.unbind()?;
|
||||||
Ok(_) => {
|
Ok(json!({"result": "success"}).into())
|
||||||
ldap.unbind()?;
|
|
||||||
Ok(json!({"result": "success"}).into())
|
|
||||||
}
|
|
||||||
Err(e) => {
|
|
||||||
dbg!(e);
|
|
||||||
ldap.unbind()?;
|
|
||||||
Ok(json!({"result": "error", "error": "Failed to add key"}).into())
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
Err(e) => {
|
||||||
|
dbg!(e);
|
||||||
|
ldap.unbind()?;
|
||||||
|
Ok(json!({"result": "error", "error": "Failed to add key"}).into())
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn remove_ssh_key(mut req: Request<State>) -> tide::Result {
|
pub async fn remove_ssh_key(mut req: Request<State>) -> tide::Result {
|
||||||
let SSHKey {
|
let SSHKey {
|
||||||
auth,
|
auth,
|
||||||
key,
|
key,
|
||||||
} = req.body_json().await?;
|
} = req.body_json().await?;
|
||||||
let config = &req.state().config;
|
let config = &req.state().config;
|
||||||
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
||||||
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user);
|
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", auth.user);
|
||||||
|
|
||||||
match ldap.simple_bind(&dn, &auth.pass) {
|
match ldap.simple_bind(&dn, &auth.pass) {
|
||||||
Ok(_) => {}
|
Ok(_) => {}
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
dbg!(e);
|
dbg!(e);
|
||||||
return Ok(json!({"result": "error", "error": "Failed to bind"}).into());
|
return Ok(json!({"result": "error", "error": "Failed to bind"}).into());
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
let LdapAuthResult {
|
let LdapAuthResult {
|
||||||
mut ldap,
|
mut ldap,
|
||||||
dn,
|
dn,
|
||||||
is_skynet_user: _
|
is_skynet_user: _,
|
||||||
} = match crate::auth_user(&auth, config).await {
|
} = match crate::auth_user(&auth, config).await {
|
||||||
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
||||||
Some(x) => x,
|
Some(x) => x,
|
||||||
};
|
};
|
||||||
|
|
||||||
let mods = vec![
|
let mods = vec![Mod::Delete("sshPublicKey".to_string(), HashSet::from([key]))];
|
||||||
Mod::Delete("sshPublicKey".to_string(), HashSet::from([key])),
|
|
||||||
];
|
|
||||||
|
|
||||||
match ldap.modify(&dn, mods) {
|
match ldap.modify(&dn, mods) {
|
||||||
Ok(_) => {
|
Ok(_) => {
|
||||||
ldap.unbind()?;
|
ldap.unbind()?;
|
||||||
Ok(json!({"result": "success"}).into())
|
Ok(json!({"result": "success"}).into())
|
||||||
}
|
|
||||||
Err(e) => {
|
|
||||||
dbg!(e);
|
|
||||||
ldap.unbind()?;
|
|
||||||
Ok(json!({"result": "error", "error": "Failed to remove key"}).into())
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
Err(e) => {
|
||||||
|
dbg!(e);
|
||||||
|
ldap.unbind()?;
|
||||||
|
Ok(json!({"result": "error", "error": "Failed to remove key"}).into())
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_ssh_keys(mut req: Request<State>) -> tide::Result {
|
pub async fn get_ssh_keys(mut req: Request<State>) -> tide::Result {
|
||||||
let LdapAuth {
|
let LdapAuth {
|
||||||
user,
|
user,
|
||||||
pass
|
pass,
|
||||||
} = req.body_json().await?;
|
} = req.body_json().await?;
|
||||||
let config = &req.state().config;
|
let config = &req.state().config;
|
||||||
|
|
||||||
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
||||||
|
|
||||||
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user);
|
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user);
|
||||||
ldap.simple_bind(&dn, &pass)?.success()?;
|
ldap.simple_bind(&dn, &pass)?.success()?;
|
||||||
|
|
||||||
let LdapAuthResult {
|
let LdapAuthResult {
|
||||||
mut ldap,
|
mut ldap,
|
||||||
dn,
|
dn,
|
||||||
is_skynet_user: _,
|
is_skynet_user: _,
|
||||||
} = match crate::auth_user(&LdapAuth { user, pass }, config).await {
|
} = match crate::auth_user(
|
||||||
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
&LdapAuth {
|
||||||
Some(x) => if x.is_skynet_user {
|
user,
|
||||||
x
|
pass,
|
||||||
} else {
|
},
|
||||||
return Ok(json!({"result": "error", "error": "Not a skynet user"}).into());
|
config,
|
||||||
}
|
)
|
||||||
};
|
.await
|
||||||
|
{
|
||||||
|
None => return Ok(json!({"result": "error", "error": "Failed to authenticate"}).into()),
|
||||||
let mut keys: Vec<String> = vec![];
|
Some(x) => {
|
||||||
let (rs, _res) = ldap.search(&dn, Scope::Base, "(objectClass=*)", vec!["sshPublicKey"])?.success()?;
|
if x.is_skynet_user {
|
||||||
for entry in rs {
|
x
|
||||||
let tmp = SearchEntry::construct(entry);
|
} else {
|
||||||
if tmp.attrs.contains_key("sshPublicKey") {
|
return Ok(json!({"result": "error", "error": "Not a skynet user"}).into());
|
||||||
for key in tmp.attrs["sshPublicKey"].clone() {
|
}
|
||||||
keys.push(key);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
ldap.unbind()?;
|
};
|
||||||
|
|
||||||
Ok(json!({"result": "success", "success": keys}).into())
|
let mut keys: Vec<String> = vec![];
|
||||||
|
let (rs, _res) = ldap.search(&dn, Scope::Base, "(objectClass=*)", vec!["sshPublicKey"])?.success()?;
|
||||||
|
for entry in rs {
|
||||||
|
let tmp = SearchEntry::construct(entry);
|
||||||
|
if tmp.attrs.contains_key("sshPublicKey") {
|
||||||
|
for key in tmp.attrs["sshPublicKey"].clone() {
|
||||||
|
keys.push(key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ldap.unbind()?;
|
||||||
|
|
||||||
|
Ok(json!({"result": "success", "success": keys}).into())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pub mod account_new;
|
pub mod account_new;
|
||||||
pub mod account_recover;
|
pub mod account_recover;
|
||||||
pub mod account_update;
|
|
||||||
pub mod account_ssh;
|
pub mod account_ssh;
|
||||||
|
pub mod account_update;
|
Loading…
Reference in a new issue