ldap0r/README.md


# Table of Contents

1.  [ldap0r](#orgf56b909)
    1.  [Installation](#org6f0551a)
    2.  [Contribution](#org8358327)
    3.  [Todo List](#orga6f7ebf)
        1.  [Password reset <code>[5/11]</code>](#org83950f1)
        2.  [Configuration <code>[0/5]</code>](#orgf7ec86e)
        3.  [Login Section (not sure if going to happen)](#org9f168b0)


<a id="orgf56b909"></a>

# ldap0r

So far `ldap0r` is simply a very small web application just to reset
LDAP passwords. All it is capable of is to let an user enter its
email address and send an email containing a generated link to reset
the LDAP password, that's it so far. My motivation was to have
something "suckless" which does not depend on PHP or similar insane.


<a id="org6f0551a"></a>

## Installation

A rust nightly toolchain which can be acquired via <https://rustup.rs>
is needed in order to successfully build `ldap0r`. Install `rustup`,
download rust nightly, then clone this repository, set the
toolchain inside the source directory to nightly, build and run it.

    rustup toolchain install nightly
    git clone https://git.onders.org/finga/ldap0r.git
    cd ldap0r
    rustup override set nightly
    cargo run

The application can be configured with the `Rocket.toml`
configuration file.


<a id="org8358327"></a>

## Contribution

I am open for suggestions and appreciate any feedback.


<a id="orga6f7ebf"></a>

## Todo List


<a id="org83950f1"></a>

### Password reset <code>[5/11]</code>

1.  DONE Form to send reset link

2.  DONE Parse URL with reset key

3.  DONE Cleanup all unwraps

4.  DONE Proper error handling

5.  DONE Implement proper logging

6.  TODO Make \`keys.lock()\` properly thread safe

7.  TODO Check for existing keys

8.  TODO Implement key validity timeout

9.  TODO Implement proper tests

10. TODO Optionally store key persistently between restarts

11. TODO Should `tera` templates instead of `handlebar` templates be used?


<a id="orgf7ec86e"></a>

### Configuration <code>[0/5]</code>

1.  TODO Fix domain config

2.  TODO Make size of key configurable

3.  TODO Make key validity timeout

4.  TODO Make it possible to send emails over encrypted connections

5.  TODO Make html/text emails configurable


<a id="org9f168b0"></a>

### Login Section (not sure if going to happen)
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`# Table of Contents`

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`1. [ldap0r](#orgf56b909)`
			`1. [Installation](#org6f0551a)`
			`2. [Contribution](#org8358327)`
			`3. [Todo List](#orga6f7ebf)`
			`1. [Password reset <code>[5/11]</code>](#org83950f1)`
			`2. [Configuration <code>[0/5]</code>](#orgf7ec86e)`
			`3. [Login Section (not sure if going to happen)](#org9f168b0)`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="orgf56b909"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`# ldap0r`

			So far `ldap0r` is simply a very small web application just to reset
Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`LDAP passwords. All it is capable of is to let an user enter its`
			`email address and send an email containing a generated link to reset`
			`the LDAP password, that's it so far. My motivation was to have`
			`something "suckless" which does not depend on PHP or similar insane.`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="org6f0551a"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`## Installation`

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`A rust nightly toolchain which can be acquired via <https://rustup.rs>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00			is needed in order to successfully build `ldap0r`. Install `rustup`,
			`download rust nightly, then clone this repository, set the`
			`toolchain inside the source directory to nightly, build and run it.`

			`rustup toolchain install nightly`
			`git clone https://git.onders.org/finga/ldap0r.git`
			`cd ldap0r`
			`rustup override set nightly`
			`cargo run`

			The application can be configured with the `Rocket.toml`
			`configuration file.`


Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="org8358327"></a>`

			`## Contribution`

			`I am open for suggestions and appreciate any feedback.`


			`<a id="orga6f7ebf"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`## Todo List`


Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="org83950f1"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`### Password reset <code>[5/11]</code>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`1. DONE Form to send reset link`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`2. DONE Parse URL with reset key`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`3. DONE Cleanup all unwraps`

			`4. DONE Proper error handling`

			`5. DONE Implement proper logging`

			6. TODO Make \`keys.lock()\` properly thread safe

			`7. TODO Check for existing keys`

			`8. TODO Implement key validity timeout`

			`9. TODO Implement proper tests`

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`10. TODO Optionally store key persistently between restarts`

			11. TODO Should `tera` templates instead of `handlebar` templates be used?
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00

Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="orgf7ec86e"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`### Configuration <code>[0/5]</code>`

			`1. TODO Fix domain config`

			`2. TODO Make size of key configurable`

			`3. TODO Make key validity timeout`

			`4. TODO Make it possible to send emails over encrypted connections`

			`5. TODO Make html/text emails configurable`


Improve readme and fix typos 2020-07-08 21:22:20 +02:00			`<a id="org9f168b0"></a>`
Password reset functionality On the `reset` page an email address can be submitted. If an account associated with the submitted email address an email is sent containing an URL. This URL can be used to set a new password. - Add GPLv3 for licensing - Add dependencies - `rocket_contrib` to be able to use handlebar templates - `anyhow` to handle errors - `log` for logging - `ldap3` to communicate with a LDAP server - `lettre` and `lettre_email` to handle the generation of emails and to send them - `rand` to generate random keys - Add `README.org` which is also used to generate `README.md` - Add configuration parameters - domain - LDAP - server - base - filter - bind - password - Change default development address to 0.0.0.0 - Add structs to handle data - Add functions to handle password reset actions - `reset_prepare()` to generate a new key, send it to the requestor and keep it in the memory - `set_password()` to check for the key and set the password - Add routes - Add tests - Add templates - `reset.html.hbs` to submit an email address - `reset_key.html.hbs` to set the new password 2020-07-05 21:12:43 +02:00
			`### Login Section (not sure if going to happen)`