A minimal and suckless LDAP password reset web application.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
finga 1bcaa3d164 Fix license and formatting 2 years ago
src Use a type alias instead of struct for `Keys` 2 years ago
templates Password reset functionality 2 years ago
.gitignore Prepare rocket requisites to start with 2 years ago
Cargo.lock Cargo update 2 years ago
Cargo.toml Fix license and formatting 2 years ago
LICENSE Fix license 2 years ago
README.md Improve readme and fix typos 2 years ago
README.org Improve readme and fix typos 2 years ago
Rocket.toml Password reset functionality 2 years ago

README.md

Table of Contents

  1. ldap0r
    1. Installation
    2. Contribution
    3. Todo List
      1. Password reset [5/11]
      2. Configuration [0/5]
      3. Login Section (not sure if going to happen)

ldap0r

So far ldap0r is simply a very small web application just to reset LDAP passwords. All it is capable of is to let an user enter its email address and send an email containing a generated link to reset the LDAP password, that's it so far. My motivation was to have something "suckless" which does not depend on PHP or similar insane.

Installation

A rust nightly toolchain which can be acquired via https://rustup.rs is needed in order to successfully build ldap0r. Install rustup, download rust nightly, then clone this repository, set the toolchain inside the source directory to nightly, build and run it.

rustup toolchain install nightly
git clone https://git.onders.org/finga/ldap0r.git
cd ldap0r
rustup override set nightly
cargo run

The application can be configured with the Rocket.toml configuration file.

Contribution

I am open for suggestions and appreciate any feedback.

Todo List

Password reset [5/11]

  1. DONE Form to send reset link

  2. DONE Parse URL with reset key

  3. DONE Cleanup all unwraps

  4. DONE Proper error handling

  5. DONE Implement proper logging

  6. TODO Make `keys.lock()` properly thread safe

  7. TODO Check for existing keys

  8. TODO Implement key validity timeout

  9. TODO Implement proper tests

  10. TODO Optionally store key persistently between restarts

  11. TODO Should tera templates instead of handlebar templates be used?

Configuration [0/5]

  1. TODO Fix domain config

  2. TODO Make size of key configurable

  3. TODO Make key validity timeout

  4. TODO Make it possible to send emails over encrypted connections

  5. TODO Make html/text emails configurable

Login Section (not sure if going to happen)