linuxdv.org
/
linuxdv-backend
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Browse Source

= LDV::User->create

master
Alex 'AdUser' Z 10 years ago
parent
6a6be059a1
commit
77a4efd4cd
1 changed files with 59 additions and 88 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 147
      lib/LDV/User.pm

147
lib/LDV/User.pm
Unescape View File

@ -6,10 +6,6 @@ use utf8;
use Mojo::Base 'Mojolicious::Controller'; use Mojo::Base 'Mojolicious::Controller';
use Net::LDAP;
use Net::LDAP::Util qw(ldap_error_name); # is really needed?
use Crypt::SaltedHash;
# pages # pages
sub login { my ($self) = @_; $self->render(); } sub login { my ($self) = @_; $self->render(); }
sub register { my ($self) = @_; $self->render(); } sub register { my ($self) = @_; $self->render(); }
@ -42,109 +38,84 @@ sub auth {
my $user = $self->req->param('username'); my $user = $self->req->param('username');
my $pass = $self->req->param('password'); my $pass = $self->req->param('password');
if (my $delay = $self->app->config->{ldap}->{auth_delay}) { eval {
sleep $delay; my $delay = $self->app->config->{ldap}->{auth_delay};
} sleep $delay if $delay;
($user and $pass)
or die("empty username or password\n");
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
or die("wrong username\n");
$self->app->ldap->auth($user, $pass)
or die("wrong user or password\n");
$self->session({useruid => $user});
$self->redirect_to('/user/profile');
} or do {
$self->flash({result => "Auth failed: $@"});
$self->redirect_to('/user/login');
};
$self->redirect_to('/user/login'); $self->rendered;
return;
} }
sub update { sub create {
my ($self) = @_; my ($self) = @_;
my ($data, $login);
unless ($login = $self->session('useruid')) {
$self->redirect_to('/user/login');
return;
}
eval { eval {
my ($ldap, $mesg); my $error;
$ldap = Net::LDAP->new($self->app->config->{server}) my $user = $self->req->param('username');
or die("$@"); my $pass = $self->req->param('password');
$mesg = $ldap->bind($self->app->config->{binddn}, my $mail = $self->req->param('mail');
password => $self->app->config->{bindpass}); ($user and $pass and $email)
if ($mesg->code) { or die("please fill all fields\n");
$self->app->log->error($mesg->error); ($user =~ m|^([a-z0-9_-]){3,64}$|oia)
die("Can't connect to server\n"); or die("wrong username\n");
}
my $base = $self->app->config->{userbase}; $error = $self->app->ldap->create($user);
my $attrs = [ @{$self->app->config->{defattrs}} ]; die("$error") if $error;
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never', $error = $self->app->ldap->update($user, {mail => $mail});
filter => '(&(uid=$login)(class=InetOrgPerson))', die("$error") if $error;
attrs => $attrs); $error = $self->app->ldap->chpass($user, $pass);
die("User not found\n") die("$error") if $error;
unless ($mesg->count);
my $entry = $mesg->pop_entry(); # TODO: confirmation email
1;
$self->redirect_to('/user/profile'); 1;
} or do { } or do {
$self->app->log->error($@);
$self->flash({result => "Can't create user: $@"});
$self->redirect_to('/user/create');
}; };
$self->stash({user_data => $data}); $self->rendered();
$self->render(); return 1;
} }
sub create sub update {
{
my ($self) = @_; my ($self) = @_;
my ($result);
$result = "Created";
eval { eval {
my ($ldap, $mesg); my $user = $self->session('useruid')
$ldap = Net::LDAP->new($self->app->config->{server}) or die("not logged in\n");
or die("$@"); my $pass = $self->req->param('password')
$mesg = $ldap->bind($self->app->config->{binddn}, or die("need current password\n");
password => $self->app->config->{bindpass}); $self->app->ldap->auth($user, $pass)
if ($mesg->code) { or die("wrong password\n");
$self->app->log->error($mesg->error);
die("Can't connect to server\n"); my %attrs = ();
} foreach my $key (qw(displayname mail org mobile)) {
my $value = $self->req->param($key) or next;
my $base = $self->app->config->{userbase}; $attrs{$key} = $value;
my $login = $self->req->param('login');
die ("Empty username\n")
unless ($login);
die ("Forbidden characters in username\n")
unless ($login =~ m|^[a-z]{2,36}$|oi);
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never',
filter => '(&(uid=$login)(class=InetOrgPerson))');
die("This user already exists\n")
if ($mesg->count);
my $attrs = {};
$attrs->{objectclass} = [ "top", @{$self->app->config->{defclasses}} ];
$attrs->{mail} = $self->req->param('mail');
$attrs->{displayname} = $self->req->param('displayname') || '';
if ($attrs->{displayname} =~ m|^(\S+)\s+(?:.*\s+)?(\S+)$|oi) {
$attrs->{cn} = $1;
$attrs->{sn} = $2;
} else {
$attrs->{cn} = '!not set!';
$attrs->{sn} = '!not set!';
}
$attrs->{uid} = $login;
my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1');
$csh->add($self->req->param('pass'));
$attrs->{userpassword} = $csh->generate();
$mesg = $ldap->add("uid=$login,$base", attrs => [ %$attrs ]);
if ($mesg->code) {
$self->app->log->error($mesg->error);
die("Can't add user\n");
} }
my $error = $self->app->ldap->update($user, %attrs);
$ldap->unbind(); 1; die("$error\n") if $error; 1;
} or do { } or do {
$self->app->log->error($@); $self->flash({result => "Can't save profile: $@"});
$result = "Error: $@"; $self->redirect_to('/user/login');
}; };
$self->flash({result => $result});
$self->redirect_to('/user/create');
$self->rendered(); $self->rendered();
return 1; return;
} }
1; 1;

Write Preview
Loading…
Cancel
Save