manage auth and add secret

This commit is contained in:
Matthieu Lamalle 2019-11-28 14:36:49 +01:00
parent e965fd3d03
commit 290cb1edc6
4 changed files with 31 additions and 21 deletions

View File

@ -30,7 +30,7 @@ func LogIn(username string, password string) (ok bool, user map[string]string) {
GroupFilter: "(memberUid=%s)",
Attributes: conf.LDAP.Attributes,
}
log.Print(ldapclient)
defer ldapclient.Close()
ok, user, err := ldapclient.Authenticate(username, password)

View File

@ -5,25 +5,28 @@ import (
ini "gopkg.in/ini.v1"
)
// Config is the config
type Config struct {
HTTP HTTPConfig
LDAP LDAPConfig
HTTP HTTPConfig
LDAP LDAPConfig
}
// HTTPConfig is the http config
type HTTPConfig struct {
Address string
Address string
Secret string
}
// LDAPConfig is the ldap config
type LDAPConfig struct {
Base string
Host string
Port int
BindDN string
BindPassword string
UserFilter string
Attributes []string
Base string
Host string
Port int
BindDN string
BindPassword string
UserFilter string
Attributes []string
}
// NewFromFile retrieves the configuration from the given file
@ -38,11 +41,12 @@ func NewFromFile(filepath string) (*Config, error) {
}
return config, nil
}
// NewDefault set a default config
func NewDefault() *Config {
return &Config{
HTTP: HTTPConfig{
Address: ":3001",
Address: ":3001",
},
LDAP: LDAPConfig{
Base: "dc=example,dc=com",
@ -53,9 +57,9 @@ func NewDefault() *Config {
UserFilter: "(uid=%s)",
Attributes: []string{"givenName", "sn", "mail", "uid"},
},
}
}
// Dump return the config dump
func Dump(config *Config, w io.Writer) error {
cfg := ini.Empty()

View File

@ -23,6 +23,7 @@ type User struct {
}
var configFile = "server.conf"
var secret string
func main() {
@ -32,6 +33,7 @@ func main() {
if conferr != nil {
conf = config.NewDefault()
}
secret = conf.HTTP.Secret
bdd.InitDB()
@ -52,19 +54,18 @@ func main() {
// ServerHTTP is the entry point to all requests
func (u *User) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if err := r.ParseForm(); err != nil {
log.Printf("ParseForm() err: %v", err)
} else {
u.Auth(r.FormValue("user"), r.FormValue("password"))
}
if u.Name == "" {
LogInPage(w, r)
if r.Method == http.MethodPost && r.Form.Get("option") != "" && r.Form.Get("key") == "hBObfzuTOTv6BjLUxzXaV5MUeNsTdivY" {
VoteEndPoint(w, r)
return
}
if r.Method == http.MethodPost && r.Form.Get("option") != "" {
VoteEndPoint(w, r)
if u.Name == "" {
LogInPage(w, r)
return
}
if r.URL.Path == "/" {
@ -84,6 +85,9 @@ func (u *User) Auth(user string, pass string) bool {
if auth {
u.Name = user
u.Password = pass
} else {
u.Name = ""
u.Password = ""
}
// auth := true
// u.Name = "mlamalle"
@ -107,11 +111,12 @@ func LogInPage(w http.ResponseWriter, r *http.Request) {
// HomePage is the homepage of the app
func HomePage(w http.ResponseWriter, r *http.Request) {
type HomeData struct {
Key string
Foods foodlist.FoodOfTheDay
Votes vote.VotesOfTheDay
}
datas := HomeData{foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()}
datas := HomeData{secret, foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()}
paths := []string{
"./templates/index.tmpl",

View File

@ -9,7 +9,8 @@
<script src="https://twemoji.maxcdn.com/v/latest/twemoji.min.js" crossorigin="anonymous"></script>
<style type="text/css">h2 { margin: 2em 0em; } .ui.container { padding-top: 5em; padding-bottom: 5em; } </style>
<script type="text/javascript">
function vote(option){$.post( "/", {option}, ( data ) => { $('.modal').modal('show');});}
var key = "{{ .Key }}";
function vote(option){$.post( "/", {option, key}, ( data ) => { $('.modal').modal('show');});}
function reload(){document.location.reload(true);}
</script>