zishuo/KubePi
1
0
Fork 0
mirror of https://github.com/1Panel-dev/KubePi.git synced 2025-10-06 15:57:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: LDAP支持SSL

Browse Source
This commit is contained in:
wangzhengkun
2022-05-19 12:59:53 +08:00
parent 2aee4b8677
commit b5ed4888ac
4 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
internal/model/v1/ldap/ldap.go
View File

@@ -15,6 +15,7 @@ type Ldap struct {
Dn string `json:"dn"` Dn string `json:"dn"`
Filter string `json:"filter"` Filter string `json:"filter"`
Mapping string `json:"mapping"` Mapping string `json:"mapping"`
TLS bool `json:"tls"`
} }
func (l *Ldap) GetAttributes() ([]string, error) { func (l *Ldap) GetAttributes() ([]string, error) {

8
internal/service/v1/ldap/ldap.go
View File

@@ -51,7 +51,7 @@ func (l *service) Create(ldap *v1Ldap.Ldap, options common.DBOptions) error {
if err != nil { if err != nil {
return err return err
} }
lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password) lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password, ldap.TLS)
err = lc.Connect() err = lc.Connect()
if err != nil { if err != nil {
return err return err
@@ -78,7 +78,7 @@ func (l *service) Update(id string, ldap *v1Ldap.Ldap, options common.DBOptions)
if err != nil { if err != nil {
return err return err
} }
lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password) lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password, ldap.TLS)
if err := lc.Connect(); err != nil { if err := lc.Connect(); err != nil {
return err return err
} }
@@ -129,7 +129,7 @@ func (l *service) Login(user v1User.User, password string, options common.DBOpti
userFilter = "(" + v + "=" + user.Name + ")" userFilter = "(" + v + "=" + user.Name + ")"
} }
} }
lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password) lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password, ldap.TLS)
if err := lc.Connect(); err != nil { if err := lc.Connect(); err != nil {
return err return err
} }
@@ -141,7 +141,7 @@ func (l *service) Sync(id string, options common.DBOptions) error {
if err != nil { if err != nil {
return err return err
} }
lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password) lc := ldapClient.NewLdapClient(ldap.Address, ldap.Port, ldap.Username, ldap.Password, ldap.TLS)
if err := lc.Connect(); err != nil { if err := lc.Connect(); err != nil {
return err return err
} }

18
pkg/util/ldap/ldap_client.go
View File

@@ -1,6 +1,7 @@
package ldap package ldap
import ( import (
"crypto/tls"
"errors" "errors"
"fmt" "fmt"
"github.com/go-ldap/ldap" "github.com/go-ldap/ldap"
@@ -12,26 +13,35 @@ type Ldap struct {
Username string `json:"username"` Username string `json:"username"`
Password string `json:"password"` Password string `json:"password"`
Conn *ldap.Conn Conn *ldap.Conn
TLS bool `json:"tls"`
} }
func NewLdapClient(address, port, username, password string) *Ldap { func NewLdapClient(address, port, username, password string, tls bool) *Ldap {
return &Ldap{ return &Ldap{
Username: username, Username: username,
Address: address, Address: address,
Password: password, Password: password,
Port: port, Port: port,
TLS: tls,
} }
} }
func (l *Ldap) Connect() error { func (l *Ldap) Connect() error {
conn, err := ldap.Dial("tcp", fmt.Sprintf("%s:%s", l.Address, l.Port)) var err error
if l.TLS {
l.Conn, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%s", l.Address, l.Port), &tls.Config{
InsecureSkipVerify: true,
})
} else {
l.Conn, err = ldap.Dial("tcp", fmt.Sprintf("%s:%s", l.Address, l.Port))
}
if err != nil { if err != nil {
return err return err
} }
if err := conn.Bind(l.Username, l.Password); err != nil { if err := l.Conn.Bind(l.Username, l.Password); err != nil {
return err return err
} }
l.Conn = conn
return nil return nil
} }

4
web/kubepi/src/business/user-management/ldap/index.vue
View File

@@ -10,6 +10,10 @@
<el-form-item style="width: 100%" :label="$t('business.user.ldap_port')" prop="port" > <el-form-item style="width: 100%" :label="$t('business.user.ldap_port')" prop="port" >
<el-input v-model="form.port" :placeholder="'389'" type="number"></el-input> <el-input v-model="form.port" :placeholder="'389'" type="number"></el-input>
</el-form-item> </el-form-item>
<el-form-item style="width: 100%" :label="$t('business.user.ldap_tls')" prop="tls" >
<el-checkbox v-model="form.tls">{{$t('commons.bool.true')}}</el-checkbox>
<!-- <el-input v-model="form.port" :placeholder="'389'" type="number"></el-input>-->
</el-form-item>
<el-form-item style="width: 100%" :label="$t('business.user.ldap_username')" prop="username"> <el-form-item style="width: 100%" :label="$t('business.user.ldap_username')" prop="username">
<el-input v-model="form.username" :placeholder="'cn=Manager,dc=ko,dc=com'"></el-input> <el-input v-model="form.username" :placeholder="'cn=Manager,dc=ko,dc=com'"></el-input>
</el-form-item> </el-form-item>