You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
150 lines
3.7 KiB
150 lines
3.7 KiB
package LDV::User; |
|
|
|
use strict; |
|
use warnings; |
|
use utf8; |
|
|
|
use Mojo::Base 'Mojolicious::Controller'; |
|
|
|
use Net::LDAP; |
|
use Net::LDAP::Util qw(ldap_error_name); # is really needed? |
|
use Crypt::SaltedHash; |
|
|
|
# pages |
|
sub login { my ($self) = @_; $self->render(); } |
|
sub register { my ($self) = @_; $self->render(); } |
|
|
|
sub profile { |
|
my ($self) = @_; |
|
|
|
if (my $uid = $self->session('useruid')) { |
|
my $data = $self->app->ldap->get($uid); |
|
$self->stash(user_data => $data); |
|
$self->render(); |
|
return; |
|
} |
|
|
|
$self->redirect_to('/user/login'); |
|
$self->rendered(); |
|
return; |
|
} |
|
|
|
sub logout { |
|
my ($self) = @_; |
|
|
|
$self->session({useruid => undef}); |
|
$self->redirect_to('/user/login'); |
|
$self->rendered(); |
|
} |
|
|
|
sub auth { |
|
my ($self) = @_; |
|
my $user = $self->req->param('username'); |
|
my $pass = $self->req->param('password'); |
|
|
|
if (my $delay = $self->app->config->{ldap}->{auth_delay}) { |
|
sleep $delay; |
|
} |
|
|
|
$self->redirect_to('/user/login'); |
|
} |
|
|
|
sub update { |
|
my ($self) = @_; |
|
my ($data, $login); |
|
|
|
unless ($login = $self->session('useruid')) { |
|
$self->redirect_to('/user/login'); |
|
return; |
|
} |
|
|
|
eval { |
|
my ($ldap, $mesg); |
|
$ldap = Net::LDAP->new($self->app->config->{server}) |
|
or die("$@"); |
|
$mesg = $ldap->bind($self->app->config->{binddn}, |
|
password => $self->app->config->{bindpass}); |
|
if ($mesg->code) { |
|
$self->app->log->error($mesg->error); |
|
die("Can't connect to server\n"); |
|
} |
|
my $base = $self->app->config->{userbase}; |
|
my $attrs = [ @{$self->app->config->{defattrs}} ]; |
|
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never', |
|
filter => '(&(uid=$login)(class=InetOrgPerson))', |
|
attrs => $attrs); |
|
die("User not found\n") |
|
unless ($mesg->count); |
|
my $entry = $mesg->pop_entry(); |
|
1; |
|
} or do { |
|
}; |
|
|
|
$self->stash({user_data => $data}); |
|
$self->render(); |
|
} |
|
|
|
sub create |
|
{ |
|
my ($self) = @_; |
|
my ($result); |
|
|
|
$result = "Created"; |
|
eval { |
|
my ($ldap, $mesg); |
|
$ldap = Net::LDAP->new($self->app->config->{server}) |
|
or die("$@"); |
|
$mesg = $ldap->bind($self->app->config->{binddn}, |
|
password => $self->app->config->{bindpass}); |
|
if ($mesg->code) { |
|
$self->app->log->error($mesg->error); |
|
die("Can't connect to server\n"); |
|
} |
|
|
|
my $base = $self->app->config->{userbase}; |
|
my $login = $self->req->param('login'); |
|
die ("Empty username\n") |
|
unless ($login); |
|
die ("Forbidden characters in username\n") |
|
unless ($login =~ m|^[a-z]{2,36}$|oi); |
|
$mesg = $ldap->search(base => $base, scope => 'one', deref => 'never', |
|
filter => '(&(uid=$login)(class=InetOrgPerson))'); |
|
die("This user already exists\n") |
|
if ($mesg->count); |
|
|
|
my $attrs = {}; |
|
$attrs->{objectclass} = [ "top", @{$self->app->config->{defclasses}} ]; |
|
$attrs->{mail} = $self->req->param('mail'); |
|
$attrs->{displayname} = $self->req->param('displayname') || ''; |
|
if ($attrs->{displayname} =~ m|^(\S+)\s+(?:.*\s+)?(\S+)$|oi) { |
|
$attrs->{cn} = $1; |
|
$attrs->{sn} = $2; |
|
} else { |
|
$attrs->{cn} = '!not set!'; |
|
$attrs->{sn} = '!not set!'; |
|
} |
|
|
|
$attrs->{uid} = $login; |
|
my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1'); |
|
$csh->add($self->req->param('pass')); |
|
$attrs->{userpassword} = $csh->generate(); |
|
|
|
$mesg = $ldap->add("uid=$login,$base", attrs => [ %$attrs ]); |
|
if ($mesg->code) { |
|
$self->app->log->error($mesg->error); |
|
die("Can't add user\n"); |
|
} |
|
|
|
$ldap->unbind(); 1; |
|
} or do { |
|
$self->app->log->error($@); |
|
$result = "Error: $@"; |
|
}; |
|
|
|
$self->flash({result => $result}); |
|
$self->redirect_to('/user/create'); |
|
$self->rendered(); |
|
return 1; |
|
} |
|
|
|
1;
|
|
|