Browse Source

= LDV::User->create

master
Alex 'AdUser' Z 10 years ago
parent
commit
77a4efd4cd
  1. 147
      lib/LDV/User.pm

147
lib/LDV/User.pm

@ -6,10 +6,6 @@ use utf8;
use Mojo::Base 'Mojolicious::Controller';
use Net::LDAP;
use Net::LDAP::Util qw(ldap_error_name); # is really needed?
use Crypt::SaltedHash;
# pages
sub login { my ($self) = @_; $self->render(); }
sub register { my ($self) = @_; $self->render(); }
@ -42,109 +38,84 @@ sub auth {
my $user = $self->req->param('username');
my $pass = $self->req->param('password');
if (my $delay = $self->app->config->{ldap}->{auth_delay}) {
sleep $delay;
}
eval {
my $delay = $self->app->config->{ldap}->{auth_delay};
sleep $delay if $delay;
($user and $pass)
or die("empty username or password\n");
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
or die("wrong username\n");
$self->app->ldap->auth($user, $pass)
or die("wrong user or password\n");
$self->session({useruid => $user});
$self->redirect_to('/user/profile');
} or do {
$self->flash({result => "Auth failed: $@"});
$self->redirect_to('/user/login');
};
$self->rendered;
return;
}
sub update {
sub create {
my ($self) = @_;
my ($data, $login);
unless ($login = $self->session('useruid')) {
$self->redirect_to('/user/login');
return;
}
eval {
my ($ldap, $mesg);
$ldap = Net::LDAP->new($self->app->config->{server})
or die("$@");
$mesg = $ldap->bind($self->app->config->{binddn},
password => $self->app->config->{bindpass});
if ($mesg->code) {
$self->app->log->error($mesg->error);
die("Can't connect to server\n");
}
my $base = $self->app->config->{userbase};
my $attrs = [ @{$self->app->config->{defattrs}} ];
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never',
filter => '(&(uid=$login)(class=InetOrgPerson))',
attrs => $attrs);
die("User not found\n")
unless ($mesg->count);
my $entry = $mesg->pop_entry();
1;
my $error;
my $user = $self->req->param('username');
my $pass = $self->req->param('password');
my $mail = $self->req->param('mail');
($user and $pass and $email)
or die("please fill all fields\n");
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
or die("wrong username\n");
$error = $self->app->ldap->create($user);
die("$error") if $error;
$error = $self->app->ldap->update($user, {mail => $mail});
die("$error") if $error;
$error = $self->app->ldap->chpass($user, $pass);
die("$error") if $error;
# TODO: confirmation email
$self->redirect_to('/user/profile'); 1;
} or do {
$self->app->log->error($@);
$self->flash({result => "Can't create user: $@"});
$self->redirect_to('/user/create');
};
$self->stash({user_data => $data});
$self->render();
$self->rendered();
return 1;
}
sub create
{
sub update {
my ($self) = @_;
my ($result);
$result = "Created";
eval {
my ($ldap, $mesg);
$ldap = Net::LDAP->new($self->app->config->{server})
or die("$@");
$mesg = $ldap->bind($self->app->config->{binddn},
password => $self->app->config->{bindpass});
if ($mesg->code) {
$self->app->log->error($mesg->error);
die("Can't connect to server\n");
}
my $base = $self->app->config->{userbase};
my $login = $self->req->param('login');
die ("Empty username\n")
unless ($login);
die ("Forbidden characters in username\n")
unless ($login =~ m|^[a-z]{2,36}$|oi);
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never',
filter => '(&(uid=$login)(class=InetOrgPerson))');
die("This user already exists\n")
if ($mesg->count);
my $attrs = {};
$attrs->{objectclass} = [ "top", @{$self->app->config->{defclasses}} ];
$attrs->{mail} = $self->req->param('mail');
$attrs->{displayname} = $self->req->param('displayname') || '';
if ($attrs->{displayname} =~ m|^(\S+)\s+(?:.*\s+)?(\S+)$|oi) {
$attrs->{cn} = $1;
$attrs->{sn} = $2;
} else {
$attrs->{cn} = '!not set!';
$attrs->{sn} = '!not set!';
}
$attrs->{uid} = $login;
my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1');
$csh->add($self->req->param('pass'));
$attrs->{userpassword} = $csh->generate();
$mesg = $ldap->add("uid=$login,$base", attrs => [ %$attrs ]);
if ($mesg->code) {
$self->app->log->error($mesg->error);
die("Can't add user\n");
my $user = $self->session('useruid')
or die("not logged in\n");
my $pass = $self->req->param('password')
or die("need current password\n");
$self->app->ldap->auth($user, $pass)
or die("wrong password\n");
my %attrs = ();
foreach my $key (qw(displayname mail org mobile)) {
my $value = $self->req->param($key) or next;
$attrs{$key} = $value;
}
$ldap->unbind(); 1;
my $error = $self->app->ldap->update($user, %attrs);
die("$error\n") if $error; 1;
} or do {
$self->app->log->error($@);
$result = "Error: $@";
$self->flash({result => "Can't save profile: $@"});
$self->redirect_to('/user/login');
};
$self->flash({result => $result});
$self->redirect_to('/user/create');
$self->rendered();
return 1;
return;
}
1;

Loading…
Cancel
Save