apps/openlan
1
0
Fork 0
mirror of https://github.com/luscis/openlan.git synced 2025-10-24 01:13:26 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
ac4f79bbf48162a776b799d31efc9d6e34f5480e
openlan/pkg/libol/ldap.go
sicheng ac4f79bbf4 clone from danieldin95
2022-07-29 23:38:54 +08:00

71 lines
1.4 KiB
Go
Executable File
Raw Blame History

package libol
import (
"crypto/tls"
"fmt"
"github.com/go-ldap/ldap"
)
type LDAPConfig struct {
Server string
BindDN string
Password string
BaseDN string
Attr string
Filter string
EnableTls bool
Timeout int64
}
type LDAPService struct {
Conn *ldap.Conn
Cfg LDAPConfig
}
func NewLDAPService(cfg LDAPConfig) (*LDAPService, error) {
conn, err := ldap.Dial("tcp", cfg.Server)
if err != nil {
return nil, err
}
if cfg.EnableTls {
err = conn.StartTLS(&tls.Config{InsecureSkipVerify: true})
if err != nil {
return nil, err
}
}
if err = conn.Bind(cfg.BindDN, cfg.Password); err != nil {
return nil, err
}
if cfg.Timeout == 0 {
cfg.Timeout = 8 * 3600
}
return &LDAPService{Conn: conn, Cfg: cfg}, nil
}
func (l *LDAPService) Login(userName, password string) (bool, error) {
request := ldap.NewSearchRequest(
l.Cfg.BaseDN,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases,
0, 0, false,
fmt.Sprintf(l.Cfg.Filter, userName),
[]string{l.Cfg.Attr},
nil,
)
Debug("LDAPService.Login %v", request)
result, err := l.Conn.Search(request)
if err != nil {
return false, err
}
if len(result.Entries) != 1 {
return false, fmt.Errorf("invalid users")
}
userDN := result.Entries[0].DN
if err = l.Conn.Bind(userDN, password); err != nil {
return false, err
}
if err = l.Conn.Bind(l.Cfg.BindDN, l.Cfg.Password); err != nil {
return false, nil
}
return true, nil
}
Reference in New Issue View Git Blame Copy Permalink