fmt: fmt and clippy
This commit is contained in:
parent
f7ac2fa951
commit
2e3578bae7
4 changed files with 151 additions and 130 deletions
44
src/lib.rs
44
src/lib.rs
|
@ -1,22 +1,22 @@
|
|||
pub mod methods;
|
||||
use dotenv::dotenv;
|
||||
use ldap3::{LdapConn, Scope, SearchEntry};
|
||||
use sqlx::sqlite::{SqliteConnectOptions, SqlitePoolOptions};
|
||||
use sqlx::{Error, Pool, Sqlite};
|
||||
use std::env;
|
||||
use std::str::FromStr;
|
||||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
use ldap3::{LdapConn, Scope, SearchEntry};
|
||||
use tide::prelude::*;
|
||||
|
||||
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
|
||||
pub struct AccountsPending {
|
||||
user: String,
|
||||
mail: String,
|
||||
name_first : String,
|
||||
name_second : String,
|
||||
auth_code : String,
|
||||
name_first: String,
|
||||
name_second: String,
|
||||
auth_code: String,
|
||||
// will only last for a few hours
|
||||
expiry: i64
|
||||
expiry: i64,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize, Serialize, sqlx::FromRow)]
|
||||
|
@ -24,7 +24,7 @@ pub struct Accounts {
|
|||
user: String,
|
||||
uid_number: i64,
|
||||
discord: Option<String>,
|
||||
enabled: bool
|
||||
enabled: bool,
|
||||
}
|
||||
|
||||
pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
|
||||
|
@ -55,9 +55,13 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
|
|||
discord text,
|
||||
enabled integer not null
|
||||
)",
|
||||
).execute(&pool).await?;
|
||||
)
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid_number)").execute(&pool).await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid_number)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
|
||||
update_accounts(&pool, config).await;
|
||||
|
||||
|
@ -118,16 +122,13 @@ pub fn get_config() -> Config {
|
|||
config
|
||||
}
|
||||
|
||||
|
||||
async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
|
||||
let mut ldap = LdapConn::new(&config.ldap_host).unwrap();
|
||||
|
||||
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw).unwrap().success().unwrap();
|
||||
|
||||
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, "(objectClass=*)", vec!["uid", "uidNumber", "skDiscord", "skMemberOf"]) {
|
||||
|
||||
if let Ok((rs, _res)) = x.success() {
|
||||
|
||||
for entry in rs {
|
||||
let tmp = SearchEntry::construct(entry);
|
||||
|
||||
|
@ -148,27 +149,26 @@ async fn update_accounts(pool: &Pool<Sqlite>, config: &Config) {
|
|||
if tmp.attrs.contains_key("skDiscord") && !tmp.attrs["skDiscord"].is_empty() {
|
||||
tmp_account.user = tmp.attrs["skDiscord"][0].clone();
|
||||
}
|
||||
if tmp.attrs.contains_key("skMemberOf") && !tmp.attrs["skMemberOf"].is_empty() && tmp.attrs["skMemberOf"].contains(&String::from("cn=skynet-users,ou=groups,dc=skynet,dc=ie")){
|
||||
if tmp.attrs.contains_key("skMemberOf") && !tmp.attrs["skMemberOf"].is_empty() && tmp.attrs["skMemberOf"].contains(&String::from("cn=skynet-users,ou=groups,dc=skynet,dc=ie")) {
|
||||
tmp_account.enabled = true;
|
||||
}
|
||||
|
||||
if tmp_account.user.len() > 0 {
|
||||
if !tmp_account.user.is_empty() {
|
||||
sqlx::query_as::<_, Accounts>(
|
||||
"
|
||||
"
|
||||
INSERT OR REPLACE INTO accounts (user, uid_number, discord, enabled)
|
||||
VALUES (?1, ?2, ?3, ?4)
|
||||
",
|
||||
)
|
||||
.bind(&tmp_account.user)
|
||||
.bind(&tmp_account.uid_number)
|
||||
.bind(&tmp_account.discord)
|
||||
.bind(&tmp_account.enabled)
|
||||
.fetch_optional(pool)
|
||||
.await
|
||||
.ok();
|
||||
.bind(&tmp_account.user)
|
||||
.bind(tmp_account.uid_number)
|
||||
.bind(&tmp_account.discord)
|
||||
.bind(tmp_account.enabled)
|
||||
.fetch_optional(pool)
|
||||
.await
|
||||
.ok();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
use skynet_ldap_server::methods::account_new::{post_new_account, post_new_account_confirmation};
|
||||
use skynet_ldap_server::methods::account_update::post_update_ldap;
|
||||
use skynet_ldap_server::{db_init, get_config, State};
|
||||
use skynet_ldap_server::methods::account_new::{post_new_account, post_new_account_confirmation};
|
||||
|
||||
#[async_std::main]
|
||||
async fn main() -> tide::Result<()> {
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
use crate::{Accounts, AccountsPending, get_now, State};
|
||||
use crate::{get_now, Accounts, AccountsPending, State};
|
||||
use ldap3::exop::PasswordModify;
|
||||
use ldap3::{LdapConn, Mod, Scope, SearchEntry};
|
||||
use ldap3::{LdapConn, Scope};
|
||||
use sqlx::{Pool, Sqlite};
|
||||
use std::collections::HashSet;
|
||||
use tide::prelude::{json, Deserialize};
|
||||
use tide::Request;
|
||||
use sqlx::{Pool, Sqlite};
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct LdapNewUser {
|
||||
user: String,
|
||||
// email that is used on wolves
|
||||
mail: String,
|
||||
name_first : String,
|
||||
name_second : String
|
||||
name_first: String,
|
||||
name_second: String,
|
||||
}
|
||||
|
||||
/// Handles initial detail entering page
|
||||
|
@ -32,7 +32,7 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
|
|||
user,
|
||||
mail,
|
||||
name_first,
|
||||
name_second
|
||||
name_second,
|
||||
} = req.body_json().await?;
|
||||
|
||||
let config = &req.state().config;
|
||||
|
@ -43,21 +43,20 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
|
|||
// ldap3 docs say a blank username and pass is an anon bind
|
||||
ldap.simple_bind("", "")?.success()?;
|
||||
|
||||
|
||||
let filter_dn = format!("(uid={})", &user);
|
||||
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_dn, vec!["*"]) {
|
||||
if let Ok((rs, _res)) = x.success(){
|
||||
if let Ok((rs, _res)) = x.success() {
|
||||
if !rs.is_empty() {
|
||||
return Ok(json!({"result": "error", "error": "username not available"}).into())
|
||||
return Ok(json!({"result": "error", "error": "username not available"}).into());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let filter_email = format!("(mail={})", mail);
|
||||
if let Ok(x) = ldap.search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, &filter_email, vec!["*"]) {
|
||||
if let Ok((rs, _res)) = x.success(){
|
||||
if let Ok((rs, _res)) = x.success() {
|
||||
if !rs.is_empty() {
|
||||
return Ok(json!({"result": "error", "error": "email in use"}).into())
|
||||
return Ok(json!({"result": "error", "error": "email in use"}).into());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -77,9 +76,13 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
|
|||
FROM accounts_pending
|
||||
WHERE user == ?
|
||||
"#,
|
||||
).bind(&user).fetch_all(pool).await {
|
||||
if !results.is_empty(){
|
||||
return Ok(json!({"result": "error", "error": "username not available"}).into())
|
||||
)
|
||||
.bind(&user)
|
||||
.fetch_all(pool)
|
||||
.await
|
||||
{
|
||||
if !results.is_empty() {
|
||||
return Ok(json!({"result": "error", "error": "username not available"}).into());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -89,21 +92,25 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
|
|||
FROM accounts_pending
|
||||
WHERE mail == ?
|
||||
"#,
|
||||
).bind(&mail).fetch_all(pool).await {
|
||||
if !results.is_empty(){
|
||||
return Ok(json!({"result": "error", "error": "email in use"}).into())
|
||||
)
|
||||
.bind(&mail)
|
||||
.fetch_all(pool)
|
||||
.await
|
||||
{
|
||||
if !results.is_empty() {
|
||||
return Ok(json!({"result": "error", "error": "email in use"}).into());
|
||||
}
|
||||
}
|
||||
|
||||
// frontend now tells user to check their email
|
||||
|
||||
/*
|
||||
TODO:
|
||||
now check with wolves to see if the email is already activated
|
||||
use email as primary match
|
||||
then search up to see if teh wolves ID has a match
|
||||
if not generate tuhe user and send email
|
||||
*/
|
||||
TODO:
|
||||
now check with wolves to see if the email is already activated
|
||||
use email as primary match
|
||||
then search up to see if teh wolves ID has a match
|
||||
if not generate tuhe user and send email
|
||||
*/
|
||||
|
||||
let auth_code = create_random_string(50);
|
||||
|
||||
|
@ -116,24 +123,23 @@ pub async fn post_new_account(mut req: Request<State>) -> tide::Result {
|
|||
VALUES (?1, ?2, ?3, ?4, ?5, ?6)
|
||||
"#,
|
||||
)
|
||||
.bind(&user)
|
||||
.bind(&mail)
|
||||
.bind(&name_first)
|
||||
.bind(&name_second)
|
||||
.bind(&auth_code)
|
||||
.bind(&expiry)
|
||||
.fetch_optional(pool)
|
||||
.await
|
||||
.ok();
|
||||
.bind(&user)
|
||||
.bind(&mail)
|
||||
.bind(&name_first)
|
||||
.bind(&name_second)
|
||||
.bind(&auth_code)
|
||||
.bind(expiry)
|
||||
.fetch_optional(pool)
|
||||
.await
|
||||
.ok();
|
||||
|
||||
// TODO: Send email with auth_code
|
||||
|
||||
Ok(json!({"result": "success"}).into())
|
||||
}
|
||||
|
||||
|
||||
// clear the db of expired ones before checking for username and validating inputs
|
||||
async fn db_pending_clear_expired(pool: &Pool<Sqlite>){
|
||||
async fn db_pending_clear_expired(pool: &Pool<Sqlite>) {
|
||||
let now = get_now();
|
||||
if let Ok(results) = sqlx::query_as::<_, AccountsPending>(
|
||||
r#"
|
||||
|
@ -141,31 +147,31 @@ async fn db_pending_clear_expired(pool: &Pool<Sqlite>){
|
|||
FROM accounts_pending
|
||||
WHERE expiry < ?
|
||||
"#,
|
||||
).bind(now).fetch_all(pool).await {
|
||||
)
|
||||
.bind(now)
|
||||
.fetch_all(pool)
|
||||
.await
|
||||
{
|
||||
println!("{:?}", results)
|
||||
}
|
||||
}
|
||||
|
||||
fn create_random_string(length: usize) -> String {
|
||||
use rand::{thread_rng, Rng};
|
||||
use rand::distributions::Alphanumeric;
|
||||
use rand::{thread_rng, Rng};
|
||||
|
||||
thread_rng()
|
||||
.sample_iter(&Alphanumeric)
|
||||
.take(length)
|
||||
.map(char::from)
|
||||
.collect()
|
||||
thread_rng().sample_iter(&Alphanumeric).take(length).map(char::from).collect()
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
pub struct LdapNewUserVerify {
|
||||
auth_code: String,
|
||||
password: String
|
||||
password: String,
|
||||
}
|
||||
pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Result {
|
||||
let LdapNewUserVerify {
|
||||
auth_code,
|
||||
password
|
||||
password,
|
||||
} = req.body_json().await?;
|
||||
|
||||
let State {
|
||||
|
@ -179,12 +185,16 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
|
|||
|
||||
// search db for auth_code
|
||||
let results = sqlx::query_as::<_, AccountsPending>(
|
||||
r#"
|
||||
r#"
|
||||
SELECT *
|
||||
FROM accounts_pending
|
||||
WHERE auth_code == ?
|
||||
"#,
|
||||
).bind(auth_code).fetch_all(db).await.unwrap_or(vec![]);
|
||||
)
|
||||
.bind(&auth_code)
|
||||
.fetch_all(db)
|
||||
.await
|
||||
.unwrap_or(vec![]);
|
||||
|
||||
if results.is_empty() {
|
||||
return Ok(json!({"result": "error"}).into());
|
||||
|
@ -195,7 +205,13 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
|
|||
// need to bind as admin
|
||||
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?;
|
||||
|
||||
let AccountsPending{ user, mail, name_first, name_second, auth_code, expiry } = &results[0];
|
||||
let AccountsPending {
|
||||
user,
|
||||
mail,
|
||||
name_first,
|
||||
name_second,
|
||||
..
|
||||
} = &results[0];
|
||||
let dn = format!("uid={},ou=users,dc=skynet,dc=ie", user);
|
||||
let uid_number = get_max_uid_number(db).await;
|
||||
let home_directory = format!("/home/{}", user);
|
||||
|
@ -206,33 +222,32 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
|
|||
let sk_created = get_sk_created();
|
||||
|
||||
// create user
|
||||
ldap.add(&dn, vec![
|
||||
("objectClass", HashSet::from(["top", "person", "posixaccount", "ldapPublicKey", "inetOrgPerson", "skPerson"])),
|
||||
|
||||
// top
|
||||
("ou", HashSet::from(["users"])),
|
||||
|
||||
// person
|
||||
("uid", HashSet::from([user.as_str()])),
|
||||
("cn", HashSet::from([cn.as_str()])),
|
||||
|
||||
// posixaccount
|
||||
("uidNumber", HashSet::from([uid_number.to_string().as_str()])),
|
||||
("gidNumber", HashSet::from(["1001"])),
|
||||
("homedirectory", HashSet::from([home_directory.as_str()])),
|
||||
("userpassword", HashSet::from([password_tmp.as_str()])),
|
||||
|
||||
// inetOrgPerson
|
||||
("mail", HashSet::from([mail.as_str()])),
|
||||
("sn", HashSet::from([name_second.as_str()])),
|
||||
|
||||
// skPerson
|
||||
("labeledURI", HashSet::from([labeled_uri.as_str()])),
|
||||
("skMail", HashSet::from([sk_mail.as_str()])),
|
||||
ldap.add(
|
||||
&dn,
|
||||
vec![
|
||||
("objectClass", HashSet::from(["top", "person", "posixaccount", "ldapPublicKey", "inetOrgPerson", "skPerson"])),
|
||||
// top
|
||||
("ou", HashSet::from(["users"])),
|
||||
// person
|
||||
("uid", HashSet::from([user.as_str()])),
|
||||
("cn", HashSet::from([cn.as_str()])),
|
||||
// posixaccount
|
||||
("uidNumber", HashSet::from([uid_number.to_string().as_str()])),
|
||||
("gidNumber", HashSet::from(["1001"])),
|
||||
("homedirectory", HashSet::from([home_directory.as_str()])),
|
||||
("userpassword", HashSet::from([password_tmp.as_str()])),
|
||||
// inetOrgPerson
|
||||
("mail", HashSet::from([mail.as_str()])),
|
||||
("sn", HashSet::from([name_second.as_str()])),
|
||||
// skPerson
|
||||
("labeledURI", HashSet::from([labeled_uri.as_str()])),
|
||||
("skMail", HashSet::from([sk_mail.as_str()])),
|
||||
// need to get this from wolves
|
||||
//("skID", HashSet::from(["12345678"])),
|
||||
("skCreated", HashSet::from([sk_created.as_str()])),
|
||||
])?.success()?;
|
||||
//("skID", HashSet::from(["12345678"])),
|
||||
("skCreated", HashSet::from([sk_created.as_str()])),
|
||||
],
|
||||
)?
|
||||
.success()?;
|
||||
|
||||
// now to properly set teh password
|
||||
let tmp = PasswordModify {
|
||||
|
@ -251,7 +266,11 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
|
|||
DELETE FROM accounts_pending
|
||||
WHERE auth_code == ?
|
||||
"#,
|
||||
).bind(&auth_code).fetch_all(db).await {
|
||||
)
|
||||
.bind(&auth_code)
|
||||
.fetch_all(db)
|
||||
.await
|
||||
{
|
||||
println!("{:?}", results)
|
||||
}
|
||||
|
||||
|
@ -262,20 +281,19 @@ pub async fn post_new_account_confirmation(mut req: Request<State>) -> tide::Res
|
|||
VALUES (?1, ?2, ?3)
|
||||
",
|
||||
)
|
||||
.bind(&user)
|
||||
.bind(&uid_number)
|
||||
.bind(false)
|
||||
.fetch_optional(db)
|
||||
.await
|
||||
.ok();
|
||||
|
||||
.bind(user)
|
||||
.bind(uid_number)
|
||||
.bind(false)
|
||||
.fetch_optional(db)
|
||||
.await
|
||||
.ok();
|
||||
|
||||
// frontend tells user that initial password ahs been sent to tehm
|
||||
Ok(json!({"result": "success"}).into())
|
||||
}
|
||||
|
||||
fn get_sk_created() -> String {
|
||||
use chrono::{Utc};
|
||||
use chrono::Utc;
|
||||
let now = Utc::now();
|
||||
|
||||
format!("{}", now.format("%Y%m%d%H%M%SZ"))
|
||||
|
@ -289,7 +307,10 @@ pub async fn get_max_uid_number(db: &Pool<Sqlite>) -> i64 {
|
|||
ORDER BY uid_number DESC
|
||||
LIMIT 1
|
||||
"#,
|
||||
).fetch_all(db).await {
|
||||
)
|
||||
.fetch_all(db)
|
||||
.await
|
||||
{
|
||||
if !results.is_empty() {
|
||||
return results[0].uid_number + 1;
|
||||
}
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
pub mod account_update;
|
||||
pub mod account_new;
|
||||
pub mod account_update;
|
||||
|
|
Loading…
Reference in a new issue