manage auth and add secret

This commit is contained in:
Matthieu Lamalle 2019-11-28 14:36:49 +01:00
parent e965fd3d03
commit 290cb1edc6
4 changed files with 31 additions and 21 deletions

View File

@ -30,7 +30,7 @@ func LogIn(username string, password string) (ok bool, user map[string]string) {
GroupFilter: "(memberUid=%s)", GroupFilter: "(memberUid=%s)",
Attributes: conf.LDAP.Attributes, Attributes: conf.LDAP.Attributes,
} }
log.Print(ldapclient)
defer ldapclient.Close() defer ldapclient.Close()
ok, user, err := ldapclient.Authenticate(username, password) ok, user, err := ldapclient.Authenticate(username, password)

View File

@ -5,25 +5,28 @@ import (
ini "gopkg.in/ini.v1" ini "gopkg.in/ini.v1"
) )
// Config is the config // Config is the config
type Config struct { type Config struct {
HTTP HTTPConfig HTTP HTTPConfig
LDAP LDAPConfig LDAP LDAPConfig
} }
// HTTPConfig is the http config // HTTPConfig is the http config
type HTTPConfig struct { type HTTPConfig struct {
Address string Address string
Secret string
} }
// LDAPConfig is the ldap config // LDAPConfig is the ldap config
type LDAPConfig struct { type LDAPConfig struct {
Base string Base string
Host string Host string
Port int Port int
BindDN string BindDN string
BindPassword string BindPassword string
UserFilter string UserFilter string
Attributes []string Attributes []string
} }
// NewFromFile retrieves the configuration from the given file // NewFromFile retrieves the configuration from the given file
@ -38,11 +41,12 @@ func NewFromFile(filepath string) (*Config, error) {
} }
return config, nil return config, nil
} }
// NewDefault set a default config // NewDefault set a default config
func NewDefault() *Config { func NewDefault() *Config {
return &Config{ return &Config{
HTTP: HTTPConfig{ HTTP: HTTPConfig{
Address: ":3001", Address: ":3001",
}, },
LDAP: LDAPConfig{ LDAP: LDAPConfig{
Base: "dc=example,dc=com", Base: "dc=example,dc=com",
@ -53,9 +57,9 @@ func NewDefault() *Config {
UserFilter: "(uid=%s)", UserFilter: "(uid=%s)",
Attributes: []string{"givenName", "sn", "mail", "uid"}, Attributes: []string{"givenName", "sn", "mail", "uid"},
}, },
} }
} }
// Dump return the config dump // Dump return the config dump
func Dump(config *Config, w io.Writer) error { func Dump(config *Config, w io.Writer) error {
cfg := ini.Empty() cfg := ini.Empty()

View File

@ -23,6 +23,7 @@ type User struct {
} }
var configFile = "server.conf" var configFile = "server.conf"
var secret string
func main() { func main() {
@ -32,6 +33,7 @@ func main() {
if conferr != nil { if conferr != nil {
conf = config.NewDefault() conf = config.NewDefault()
} }
secret = conf.HTTP.Secret
bdd.InitDB() bdd.InitDB()
@ -52,19 +54,18 @@ func main() {
// ServerHTTP is the entry point to all requests // ServerHTTP is the entry point to all requests
func (u *User) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (u *User) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if err := r.ParseForm(); err != nil { if err := r.ParseForm(); err != nil {
log.Printf("ParseForm() err: %v", err) log.Printf("ParseForm() err: %v", err)
} else { } else {
u.Auth(r.FormValue("user"), r.FormValue("password")) u.Auth(r.FormValue("user"), r.FormValue("password"))
} }
if u.Name == "" {
LogInPage(w, r) if r.Method == http.MethodPost && r.Form.Get("option") != "" && r.Form.Get("key") == "hBObfzuTOTv6BjLUxzXaV5MUeNsTdivY" {
VoteEndPoint(w, r)
return return
} }
if r.Method == http.MethodPost && r.Form.Get("option") != "" { if u.Name == "" {
VoteEndPoint(w, r) LogInPage(w, r)
return return
} }
if r.URL.Path == "/" { if r.URL.Path == "/" {
@ -84,6 +85,9 @@ func (u *User) Auth(user string, pass string) bool {
if auth { if auth {
u.Name = user u.Name = user
u.Password = pass u.Password = pass
} else {
u.Name = ""
u.Password = ""
} }
// auth := true // auth := true
// u.Name = "mlamalle" // u.Name = "mlamalle"
@ -107,11 +111,12 @@ func LogInPage(w http.ResponseWriter, r *http.Request) {
// HomePage is the homepage of the app // HomePage is the homepage of the app
func HomePage(w http.ResponseWriter, r *http.Request) { func HomePage(w http.ResponseWriter, r *http.Request) {
type HomeData struct { type HomeData struct {
Key string
Foods foodlist.FoodOfTheDay Foods foodlist.FoodOfTheDay
Votes vote.VotesOfTheDay Votes vote.VotesOfTheDay
} }
datas := HomeData{foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()} datas := HomeData{secret, foodlist.GetFoodOfTheDay(), vote.GetVotesOfTheDay()}
paths := []string{ paths := []string{
"./templates/index.tmpl", "./templates/index.tmpl",

View File

@ -9,7 +9,8 @@
<script src="https://twemoji.maxcdn.com/v/latest/twemoji.min.js" crossorigin="anonymous"></script> <script src="https://twemoji.maxcdn.com/v/latest/twemoji.min.js" crossorigin="anonymous"></script>
<style type="text/css">h2 { margin: 2em 0em; } .ui.container { padding-top: 5em; padding-bottom: 5em; } </style> <style type="text/css">h2 { margin: 2em 0em; } .ui.container { padding-top: 5em; padding-bottom: 5em; } </style>
<script type="text/javascript"> <script type="text/javascript">
function vote(option){$.post( "/", {option}, ( data ) => { $('.modal').modal('show');});} var key = "{{ .Key }}";
function vote(option){$.post( "/", {option, key}, ( data ) => { $('.modal').modal('show');});}
function reload(){document.location.reload(true);} function reload(){document.location.reload(true);}
</script> </script>