mirror of
https://codeberg.org/shroff/phylum.git
synced 2026-05-14 16:18:34 -05:00
[server][auth] Auto create accounts from certain domains
@@ -5,6 +5,7 @@ import (
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"codeberg.org/shroff/phylum/server/internal/auth/crypt"
|
||||
@@ -53,13 +54,24 @@ func Init(cfg Config, log zerolog.Logger) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func VerifyUserPassword(db db.Handler, email, password string) (core.User, error) {
|
||||
if b, err := passwordBackend.VerifyUserPassword(db, email, password); err != nil {
|
||||
func VerifyUserPassword(d db.Handler, email, password string) (core.User, error) {
|
||||
if b, err := passwordBackend.VerifyUserPassword(d, email, password); err != nil {
|
||||
return core.User{}, err
|
||||
} else if !b {
|
||||
return core.User{}, ErrCredentialsInvalid
|
||||
}
|
||||
return core.UserByEmail(db, email)
|
||||
user, err := core.UserByEmail(d, email)
|
||||
if errors.Is(err, core.ErrUserNotFound) {
|
||||
for _, domain := range cfg.AutoCreateDomains {
|
||||
if strings.HasSuffix(strings.ToLower(email), "@"+strings.ToLower(domain)) {
|
||||
err = d.RunInTx(func(db db.TxHandler) error {
|
||||
user, err = core.CreateUser(db, email, "", false)
|
||||
return err
|
||||
})
|
||||
}
|
||||
}
|
||||
}
|
||||
return user, err
|
||||
}
|
||||
|
||||
func CreateAccessToken(db db.TxHandler, email, password string) (core.User, string, error) {
|
||||
|
||||
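Review bot: The `for _, domain := range cfg.AutoCreateDomains` loop in VerifyUserPassword keeps iterating after a domain has matched, so a second matching entry (a duplicate, or the same domain in different case) calls `core.CreateUser` again for the same e-mail and overwrites `user` and `err` with that result, which would likely turn a successful first login into an error. Adding `break` right after the `d.RunInTx(...)` call, or returning `user, err` there, stops at the first match. The domain check is case-insensitive, but the account is created with the address exactly as typed; if `core.UserByEmail` compares case-sensitively, logins that differ only in case could create more than one account for the same mailbox, so consider normalising the address before lookup and creation. `cfg` is not declared in this hunk; presumably it is a package-level copy of the Init argument.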
@@ -6,7 +6,8 @@ import (
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
Password PasswordConfig `koanf:"password"`
|
||||
AutoCreateDomains []string `koanf:"auto_create_domains"`
|
||||
Password PasswordConfig `koanf:"password"`
|
||||
}
|
||||
|
||||
type PasswordConfig struct {
|
||||
|
||||
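Review bot: `AutoCreateDomains` has no comment stating the expected entry format, and the matching code prepends `@` itself, so an entry carried over from the old `auto_create` list such as `@example.com` would never match and auto-creation would silently stop working. I would document it on the field, e.g. `// AutoCreateDomains lists bare e-mail domains (no leading "@"); a user who passes password verification with an address in one of them gets an account created on first login.` Because this list decides who receives an account without an administrator creating it, rejecting empty or `@`-prefixed entries when the configuration is loaded would also be worth doing; where that validation would live is not visible in this section.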
@@ -4,6 +4,7 @@ import (
|
||||
"context"
|
||||
"embed"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
"path"
|
||||
"strings"
|
||||
@@ -150,6 +151,7 @@ func SetupCommand() {
|
||||
fs.SetupCommand(),
|
||||
user.SetupCommand(),
|
||||
serve.SetupCommand(),
|
||||
createLDAPTestCommand(),
|
||||
)
|
||||
cmd.AddGroup(&cobra.Group{ID: "misc", Title: "Misc"})
|
||||
cmd.SetHelpCommandGroupID("misc")
|
||||
@@ -157,6 +159,21 @@ func SetupCommand() {
|
||||
cmd.Execute()
|
||||
}
|
||||
|
||||
func createLDAPTestCommand() *cobra.Command {
|
||||
cmd := &cobra.Command{
|
||||
Use: "ldap",
|
||||
}
|
||||
cmd.Run = func(c *cobra.Command, args []string) {
|
||||
if u, err := auth.VerifyUserPassword(db.Get(context.Background()), "ldaptest@kudosoft.net", "asdfasdf"); err != nil {
|
||||
fmt.Println(err.Error())
|
||||
} else {
|
||||
fmt.Printf("%+v\n", u)
|
||||
}
|
||||
|
||||
}
|
||||
return cmd
|
||||
}
|
||||
|
||||
func isCmd(cmd *cobra.Command, s string) bool {
|
||||
for c := cmd; c != nil; c = c.Parent() {
|
||||
if cmd.Name() == s {
|
||||
|
||||
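Review bot: `createLDAPTestCommand` embeds a fixed e-mail address and password in its call to `auth.VerifyUserPassword` and is registered as a regular `ldap` subcommand in SetupCommand, so a debugging aid with a committed credential ships in every build. If that address falls under a configured auto-create domain and the backend accepts the password, running the command would also create a real account as a side effect. I would drop the command from this commit, or take the address from the command line and the password from a prompt: `Use: "ldap <email>", Args: cobra.ExactArgs(1), Hidden: true` and pass `args[0]` instead of the literal. If the committed password was ever valid on a directory, it should be changed. `fmt.Printf("%+v\n", u)` prints every field of `core.User`, so check that the struct carries nothing sensitive before keeping that output.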
@@ -17,8 +17,8 @@ core:
|
||||
permission: 0x10 # Invite users
|
||||
|
||||
auth:
|
||||
auto_create:
|
||||
- "@example.com"
|
||||
auto_create_domains:
|
||||
- example.com
|
||||
password:
|
||||
backend: crypt
|
||||
crypt:
|
||||
|
||||