Skynet/ldap_backend
6
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

fmt: fmt and clippy

Browse source
This commit is contained in:
silver 2023-06-04 22:06:34 +01:00
parent f7ac2fa951
commit 2e3578bae7
4 changed files with 151 additions and 130 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
src/lib.rs
View file

@ -1,11 +1,11 @@
pub mod methods; pub mod methods;
use dotenv::dotenv; use dotenv::dotenv;
use ldap3::{LdapConn, Scope, SearchEntry};
use sqlx::sqlite::{SqliteConnectOptions, SqlitePoolOptions}; use sqlx::sqlite::{SqliteConnectOptions, SqlitePoolOptions};
use sqlx::{Error, Pool, Sqlite}; use sqlx::{Error, Pool, Sqlite};
use std::env; use std::env;
use std::str::FromStr; use std::str::FromStr;
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use ldap3::{LdapConn, Scope, SearchEntry};
use tide::prelude::*; use tide::prelude::*;
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)] #[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
@ -16,7 +16,7 @@ pub struct AccountsPending {
name_second: String, name_second: String,
auth_code: String, auth_code: String,
// will only last for a few hours // will only last for a few hours
expiry: i64 expiry: i64,
} }
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)] #[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
@ -24,7 +24,7 @@ pub struct Accounts {
user: String, user: String,
uid_number: i64, uid_number: i64,
discord: Option<String>, discord: Option<String>,
enabled: bool enabled: bool,
} }
pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> { pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
@ -55,9 +55,13 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
discord text, discord text,
enabled integer not null enabled integer not null
)", )",
).execute(&pool).await?; )
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid_number)").execute(&pool).await?; sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid_number)")
.execute(&pool)
.await?;
update_accounts(&pool, config).await; update_accounts(&pool, config).await;
@ -118,16 +122,13 @@ pub fn get_config() -> Config {
config config
} }
async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) { async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
let mut ldap = LdapConn::new(&config.ldap_host).unwrap(); let mut ldap = LdapConn::new(&config.ldap_host).unwrap();
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw).unwrap().success().unwrap(); ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw).unwrap().success().unwrap();
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, "(objectClass=*)", vec!["uid", "uidNumber", "skDiscord", "skMemberOf"]) { if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, "(objectClass=*)", vec!["uid", "uidNumber", "skDiscord", "skMemberOf"]) {
if let Ok((rs, _res)) = x.success() { if let Ok((rs, _res)) = x.success() {
for entry in rs { for entry in rs {
let tmp = SearchEntry::construct(entry); let tmp = SearchEntry::construct(entry);
@ -152,7 +153,7 @@ async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
tmp_account.enabled = true; tmp_account.enabled = true;
} }
if tmp_account.user.len() > 0 { if !tmp_account.user.is_empty() {
sqlx::query_as::<_, Accounts>( sqlx::query_as::<_, Accounts>(
" "
INSERT OR REPLACE INTO accounts (user, uid_number, discord, enabled) INSERT OR REPLACE INTO accounts (user, uid_number, discord, enabled)
@ -160,15 +161,14 @@ async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
", ",
) )
.bind(&tmp_account.user) .bind(&tmp_account.user)
.bind(&tmp_account.uid_number) .bind(tmp_account.uid_number)
.bind(&tmp_account.discord) .bind(&tmp_account.discord)
.bind(&tmp_account.enabled) .bind(tmp_account.enabled)
.fetch_optional(pool) .fetch_optional(pool)
.await .await
.ok(); .ok();
} }
} }
} }
} }

2
src/main.rs
View file

@ -1,6 +1,6 @@
use skynet_ldap_server::methods::account_new::{post_new_account, post_new_account_confirmation};
use skynet_ldap_server::methods::account_update::post_update_ldap; use skynet_ldap_server::methods::account_update::post_update_ldap;
use skynet_ldap_server::{db_init, get_config, State}; use skynet_ldap_server::{db_init, get_config, State};
use skynet_ldap_server::methods::account_new::{post_new_account, post_new_account_confirmation};
#[async_std::main] #[async_std::main]
async fn main() -> tide::Result<()> { async fn main() -> tide::Result<()> {

97
src/methods/account_new.rs
View file

@ -1,10 +1,10 @@
use crate::{Accounts, AccountsPending, get_now, State}; use crate::{get_now, Accounts, AccountsPending, State};
use ldap3::exop::PasswordModify; use ldap3::exop::PasswordModify;
use ldap3::{LdapConn, Mod, Scope, SearchEntry}; use ldap3::{LdapConn, Scope};
use sqlx::{Pool, Sqlite};
use std::collections::HashSet; use std::collections::HashSet;
use tide::prelude::{json, Deserialize}; use tide::prelude::{json, Deserialize};
use tide::Request; use tide::Request;
use sqlx::{Pool, Sqlite};
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
pub struct LdapNewUser { pub struct LdapNewUser {
@ -12,7 +12,7 @@ pub struct LdapNewUser {
// email that is used on wolves // email that is used on wolves
mail: String, mail: String,
name_first: String, name_first: String,
name_second : String name_second: String,
} }
/// Handles initial detail entering page /// Handles initial detail entering page
@ -32,7 +32,7 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
user, user,
mail, mail,
name_first, name_first,
name_second name_second,
} = req.body_json().await?; } = req.body_json().await?;
let config = &req.state().config; let config = &req.state().config;
@ -43,12 +43,11 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
// ldap3 docs say a blank username and pass is an anon bind // ldap3 docs say a blank username and pass is an anon bind
ldap.simple_bind("", "")?.success()?; ldap.simple_bind("", "")?.success()?;
let filter_dn = format!("(uid={})", &user); let filter_dn = format!("(uid={})", &user);
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_dn, vec!["*"]) { if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_dn, vec!["*"]) {
if let Ok((rs, _res)) = x.success() { if let Ok((rs, _res)) = x.success() {
if !rs.is_empty() { if !rs.is_empty() {
return Ok(json!({"result": "error", "error": "username not available"}).into()) return Ok(json!({"result": "error", "error": "username not available"}).into());
} }
} }
} }
@ -57,7 +56,7 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_email, vec!["*"]) { if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_email, vec!["*"]) {
if let Ok((rs, _res)) = x.success() { if let Ok((rs, _res)) = x.success() {
if !rs.is_empty() { if !rs.is_empty() {
return Ok(json!({"result": "error", "error": "email in use"}).into()) return Ok(json!({"result": "error", "error": "email in use"}).into());
} }
} }
} }
@ -77,9 +76,13 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
FROM accounts_pending FROM accounts_pending
WHERE user == ? WHERE user == ?
"#, "#,
).bind(&user).fetch_all(pool).await { )
.bind(&user)
.fetch_all(pool)
.await
{
if !results.is_empty() { if !results.is_empty() {
return Ok(json!({"result": "error", "error": "username not available"}).into()) return Ok(json!({"result": "error", "error": "username not available"}).into());
} }
} }
@ -89,9 +92,13 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
FROM accounts_pending FROM accounts_pending
WHERE mail == ? WHERE mail == ?
"#, "#,
).bind(&mail).fetch_all(pool).await { )
.bind(&mail)
.fetch_all(pool)
.await
{
if !results.is_empty() { if !results.is_empty() {
return Ok(json!({"result": "error", "error": "email in use"}).into()) return Ok(json!({"result": "error", "error": "email in use"}).into());
} }
} }
@ -121,7 +128,7 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
.bind(&name_first) .bind(&name_first)
.bind(&name_second) .bind(&name_second)
.bind(&auth_code) .bind(&auth_code)
.bind(&expiry) .bind(expiry)
.fetch_optional(pool) .fetch_optional(pool)
.await .await
.ok(); .ok();
@ -131,7 +138,6 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
Ok(json!({"result": "success"}).into()) Ok(json!({"result": "success"}).into())
} }
// clear the db of expired ones before checking for username and validating inputs // clear the db of expired ones before checking for username and validating inputs
async fn db_pending_clear_expired(pool: &Pool<Sqlite>) { async fn db_pending_clear_expired(pool: &Pool<Sqlite>) {
let now = get_now(); let now = get_now();
@ -141,31 +147,31 @@ async fn db_pending_clear_expired(pool: &Pool<Sqlite>){
FROM accounts_pending FROM accounts_pending
WHERE expiry < ? WHERE expiry < ?
"#, "#,
).bind(now).fetch_all(pool).await { )
.bind(now)
.fetch_all(pool)
.await
{
println!("{:?}", results) println!("{:?}", results)
} }
} }
fn create_random_string(length: usize) -> String { fn create_random_string(length: usize) -> String {
use rand::{thread_rng, Rng};
use rand::distributions::Alphanumeric; use rand::distributions::Alphanumeric;
use rand::{thread_rng, Rng};
thread_rng() thread_rng().sample_iter(&Alphanumeric).take(length).map(char::from).collect()
.sample_iter(&Alphanumeric)
.take(length)
.map(char::from)
.collect()
} }
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
pub struct LdapNewUserVerify { pub struct LdapNewUserVerify {
auth_code: String, auth_code: String,
password: String password: String,
} }
pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Result { pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Result {
let LdapNewUserVerify { let LdapNewUserVerify {
auth_code, auth_code,
password password,
} = req.body_json().await?; } = req.body_json().await?;
let State { let State {
@ -184,7 +190,11 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
FROM accounts_pending FROM accounts_pending
WHERE auth_code == ? WHERE auth_code == ?
"#, "#,
).bind(auth_code).fetch_all(db).await.unwrap_or(vec![]); )
.bind(&auth_code)
.fetch_all(db)
.await
.unwrap_or(vec![]);
if results.is_empty() { if results.is_empty() {
return Ok(json!({"result": "error"}).into()); return Ok(json!({"result": "error"}).into());
@ -195,7 +205,13 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
// need to bind as admin // need to bind as admin
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?; ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?;
let AccountsPending{ user, mail, name_first, name_second, auth_code, expiry } = &results[0]; let AccountsPending {
user,
mail,
name_first,
name_second,
..
} = &results[0];
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user); let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user);
let uid_number = get_max_uid_number(db).await; let uid_number = get_max_uid_number(db).await;
let home_directory = format!("/home/{}", user); let home_directory = format!("/home/{}", user);
@ -206,33 +222,32 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
let sk_created = get_sk_created(); let sk_created = get_sk_created();
// create user // create user
ldap.add(&dn, vec![ ldap.add(
&dn,
vec![
("objectClass", HashSet::from(["top", "person", "posixaccount", "ldapPublicKey", "inetOrgPerson", "skPerson"])), ("objectClass", HashSet::from(["top", "person", "posixaccount", "ldapPublicKey", "inetOrgPerson", "skPerson"])),
// top // top
("ou", HashSet::from(["users"])), ("ou", HashSet::from(["users"])),
// person // person
("uid", HashSet::from([user.as_str()])), ("uid", HashSet::from([user.as_str()])),
("cn", HashSet::from([cn.as_str()])), ("cn", HashSet::from([cn.as_str()])),
// posixaccount // posixaccount
("uidNumber", HashSet::from([uid_number.to_string().as_str()])), ("uidNumber", HashSet::from([uid_number.to_string().as_str()])),
("gidNumber", HashSet::from(["1001"])), ("gidNumber", HashSet::from(["1001"])),
("homedirectory", HashSet::from([home_directory.as_str()])), ("homedirectory", HashSet::from([home_directory.as_str()])),
("userpassword", HashSet::from([password_tmp.as_str()])), ("userpassword", HashSet::from([password_tmp.as_str()])),
// inetOrgPerson // inetOrgPerson
("mail", HashSet::from([mail.as_str()])), ("mail", HashSet::from([mail.as_str()])),
("sn", HashSet::from([name_second.as_str()])), ("sn", HashSet::from([name_second.as_str()])),
// skPerson // skPerson
("labeledURI", HashSet::from([labeled_uri.as_str()])), ("labeledURI", HashSet::from([labeled_uri.as_str()])),
("skMail", HashSet::from([sk_mail.as_str()])), ("skMail", HashSet::from([sk_mail.as_str()])),
// need to get this from wolves // need to get this from wolves
//("skID", HashSet::from(["12345678"])), //("skID", HashSet::from(["12345678"])),
("skCreated", HashSet::from([sk_created.as_str()])), ("skCreated", HashSet::from([sk_created.as_str()])),
])?.success()?; ],
)?
.success()?;
// now to properly set teh password // now to properly set teh password
let tmp = PasswordModify { let tmp = PasswordModify {
@ -251,7 +266,11 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
DELETE FROM accounts_pending DELETE FROM accounts_pending
WHERE auth_code == ? WHERE auth_code == ?
"#, "#,
).bind(&auth_code).fetch_all(db).await { )
.bind(&auth_code)
.fetch_all(db)
.await
{
println!("{:?}", results) println!("{:?}", results)
} }
@ -262,20 +281,19 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
VALUES (?1, ?2, ?3) VALUES (?1, ?2, ?3)
", ",
) )
.bind(&user) .bind(user)
.bind(&uid_number) .bind(uid_number)
.bind(false) .bind(false)
.fetch_optional(db) .fetch_optional(db)
.await .await
.ok(); .ok();
// frontend tells user that initial password ahs been sent to tehm // frontend tells user that initial password ahs been sent to tehm
Ok(json!({"result": "success"}).into()) Ok(json!({"result": "success"}).into())
} }
fn get_sk_created() -> String { fn get_sk_created() -> String {
use chrono::{Utc}; use chrono::Utc;
let now = Utc::now(); let now = Utc::now();
format!("{}", now.format("%Y%m%d%H%M%SZ")) format!("{}", now.format("%Y%m%d%H%M%SZ"))
@ -289,7 +307,10 @@ pub async fn get_max_uid_number(db: &Pool<Sqlite>) -> i64 {
ORDER BY uid_number DESC ORDER BY uid_number DESC
LIMIT 1 LIMIT 1
"#, "#,
).fetch_all(db).await { )
.fetch_all(db)
.await
{
if !results.is_empty() { if !results.is_empty() {
return results[0].uid_number + 1; return results[0].uid_number + 1;
} }

2
src/methods/mod.rs
View file

@ -1,2 +1,2 @@
pub mod account_update;
pub mod account_new; pub mod account_new;
pub mod account_update;