262 lines
4.2 KiB
Markdown
262 lines
4.2 KiB
Markdown
# Skynet LDAP backend
|
|
|
|
Basic information on the Skynet ldap backend for use on <https://account.skynet.ie>
|
|
|
|
|
|
### Error: HTTP 500
|
|
No indication of the issue is returned to teh frontend.
|
|
|
|
## Routes
|
|
Base URL: <https://api.account.skynet.ie>
|
|
|
|
|
|
### POST /ldap/update
|
|
Fields:
|
|
* userPassword
|
|
* mail
|
|
* sshPublicKey
|
|
* cn
|
|
* sn
|
|
* skDiscord
|
|
|
|
```json
|
|
{
|
|
"user" : "username",
|
|
"pass" : "password",
|
|
"field": "field to change",
|
|
"value": "new value of field"
|
|
}
|
|
```
|
|
|
|
Success:
|
|
Each value is either a string or ``null``.
|
|
```json
|
|
{
|
|
"result": "success",
|
|
"success": {
|
|
"cn": "Firstname Surname",
|
|
"mail": "Email address",
|
|
"skDiscord": null,
|
|
"sshPublicKey": "ssh key"
|
|
}
|
|
}
|
|
```
|
|
|
|
Changing ``userPassword`` requires the existing password in teh apssword field and the new one in teh value field.
|
|
|
|
### POST /ldap/new/email
|
|
|
|
Kickstarts teh process of signing up to Skynet
|
|
|
|
```json
|
|
{
|
|
"email" : "User's wolves email"
|
|
}
|
|
```
|
|
|
|
|
|
### POST /ldap/new/account
|
|
|
|
Verifies teh user has access to this email
|
|
|
|
```json
|
|
{
|
|
"auth" : "Authcode from the email",
|
|
"user" : "username the user wants",
|
|
"pass" : "password teh user wants"
|
|
}
|
|
```
|
|
|
|
Username taken:
|
|
```json
|
|
{"result": "error", "error": "username not available"}
|
|
```
|
|
|
|
Invalid Auth:
|
|
```json
|
|
{"result": "error", "error": "Invalid auth"}
|
|
```
|
|
|
|
## Responses
|
|
|
|
Generic responses which is used unless otherwise specified above.
|
|
|
|
### POST /ldap/recover/username
|
|
Sends an email to the user of the address reminding them of their username (if there is an account associated with said username).
|
|
```json
|
|
{
|
|
"email" : "email looking for remidner"
|
|
}
|
|
```
|
|
|
|
### POST /ldap/recover/password
|
|
|
|
```json
|
|
{
|
|
"user" : "[OPTIONAL] username looking for reset",
|
|
"email" : "[OPTIONAL] email looking for reset"
|
|
}
|
|
```
|
|
|
|
All responses:
|
|
```json
|
|
{"result": "success"}
|
|
```
|
|
|
|
### POST /ldap/recover/password/auth
|
|
|
|
```json
|
|
{
|
|
"auth" : "Auth key from teh email",
|
|
"pass" : "Password the user chooses"
|
|
}
|
|
```
|
|
|
|
Early Errors:
|
|
```json
|
|
{"result": "error"}
|
|
```
|
|
|
|
LDAP error:
|
|
```json
|
|
{"result": "error", "error": "ldap error"}
|
|
```
|
|
|
|
Success:
|
|
```json
|
|
{"result": "success", "success": "Password set"}
|
|
```
|
|
|
|
### POST /ldap/recover/ssh/request
|
|
This endpoint can set emails for old skynet members who previously logged in via ssh keys.
|
|
1. Request for their account.
|
|
2. A list of public keys will be displayed.
|
|
3. Sign using one of the private keys.
|
|
4. Submit the pem value.
|
|
|
|
```bash
|
|
echo "auth code" | ssh-keygen -Y sign -n file -f /path/to/private/key
|
|
```
|
|
|
|
```json
|
|
{
|
|
"user" : "Skynet username",
|
|
"email" : "Email to set"
|
|
}
|
|
```
|
|
|
|
Errors:
|
|
```json
|
|
{"result": "error", "error": "Skynet email not permitted."}
|
|
```
|
|
|
|
```json
|
|
{ "result": "success", "success": { "auth": "", "keys": [] }}
|
|
```
|
|
```json
|
|
{ "result": "success", "success": { "auth": "code here", "keys": ["key 1", "key 2"] }}
|
|
```
|
|
|
|
### POST /ldap/recover/ssh/verify
|
|
|
|
|
|
```json
|
|
{
|
|
"user" : "Skynet username",
|
|
"auth_signed" : "signed auth code"
|
|
}
|
|
```
|
|
|
|
#### Errors
|
|
```json
|
|
{ "result": "error"}
|
|
```
|
|
|
|
```json
|
|
{ "result": "error", "error": "Incorrect signed format"}
|
|
```
|
|
|
|
```json
|
|
{"result": "error", "error": "no valid key"}
|
|
```
|
|
#### Success
|
|
|
|
```json
|
|
{"result": "success", "success": "key valid"}
|
|
```
|
|
|
|
### POST /ldap/ssh
|
|
Returns array of SSH keys associated with the Skynet account
|
|
```json
|
|
{
|
|
"auth" : {
|
|
"user": "username",
|
|
"pass": "password"
|
|
}
|
|
}
|
|
```
|
|
#### Errors
|
|
```json
|
|
{"result": "error", "error": "Failed to authenticate"}
|
|
```
|
|
#### Success
|
|
```json
|
|
{"result": "success", "success": ["key1","key2","key3"]}
|
|
```
|
|
|
|
### DELETE /ldap/ssh
|
|
Deletes SSH key from Skynet account
|
|
```json
|
|
{
|
|
"auth" : {
|
|
"user": "username",
|
|
"pass": "password"
|
|
},
|
|
"key": "ssh key"
|
|
}
|
|
```
|
|
#### Errors
|
|
```json
|
|
{"result": "error", "error": "Failed to authenticate"}
|
|
```
|
|
```json
|
|
{"result": "error", "error": "Failed to remove key"}
|
|
```
|
|
#### Success
|
|
```json
|
|
{"result": "success"}
|
|
```
|
|
|
|
### POST /ldap/ssh/add
|
|
Adds SSH key to Skynet account
|
|
```json
|
|
{
|
|
"auth" : {
|
|
"user": "username",
|
|
"pass": "password"
|
|
},
|
|
"key": "ssh key"
|
|
}
|
|
```
|
|
#### Errors
|
|
```json
|
|
{"result": "error", "error": "Failed to authenticate"}
|
|
```
|
|
```json
|
|
{"result": "error", "error": "Failed to add key"}
|
|
```
|
|
#### Success
|
|
```json
|
|
{"result": "success"}
|
|
```
|
|
## Responses
|
|
|
|
Generic responses which is used unless otherwise specified above.
|
|
|
|
|
|
### Success: HTTP 200
|
|
```json
|
|
{
|
|
"result": "success"
|
|
}
|
|
```
|