Further improvements regarding indents
This commit is contained in:
parent
0f3fd1d5d9
commit
7c41f0145c
149
src/main.rs
149
src/main.rs
|
|
@ -58,6 +58,7 @@ fn reset_prepare(config: &Ldap0rConfig, keys: &Keys, email_address: &str) -> Res
|
|||
ldap.unbind()?;
|
||||
let (rs, _res) = result.success()?;
|
||||
|
||||
// check for less or more than 1 result
|
||||
if rs.len() != 1 {
|
||||
bail!("Invalid password reset request for '{}'", email_address);
|
||||
}
|
||||
|
|
@ -101,76 +102,78 @@ fn set_password(
|
|||
key: &str,
|
||||
passwords: &PasswordsForm,
|
||||
) -> Result<Flash<Redirect>> {
|
||||
if passwords.password == passwords.password_control {
|
||||
if passwords.password.len() >= 8 {
|
||||
// key lookup
|
||||
let keys = Arc::clone(&keys.keys);
|
||||
if let Ok(mut keys) = keys.lock() {
|
||||
let email = keys
|
||||
.get(key)
|
||||
.ok_or_else(|| anyhow!("Could not extract email"))?
|
||||
.to_string();
|
||||
|
||||
// ldap lookup
|
||||
let mut ldap = LdapConn::new(&config.ldap.server)?;
|
||||
let result = ldap.search(
|
||||
&config.ldap.base,
|
||||
Scope::Subtree,
|
||||
&format!("(&{}(mail={}))", &config.ldap.filter, &email),
|
||||
vec!["cn"],
|
||||
)?;
|
||||
let (mut rs, _res) = result.success()?;
|
||||
|
||||
// ldap set new password
|
||||
let user = SearchEntry::construct(
|
||||
rs.pop()
|
||||
.ok_or_else(|| anyhow!("Could extract not receive LDAP result"))?,
|
||||
)
|
||||
.attrs
|
||||
.get("cn")
|
||||
.ok_or_else(|| anyhow!("Could not extract 'cn' from LDAP entry"))?[0]
|
||||
.to_string();
|
||||
let mut password = HashSet::new();
|
||||
password.insert(passwords.password.as_str());
|
||||
ldap.simple_bind(&config.ldap.bind, &config.ldap.password)?
|
||||
.success()?;
|
||||
ldap.with_controls(RelaxRules.critical())
|
||||
.modify(
|
||||
&format!("cn={},{}", &user, &config.ldap.base),
|
||||
vec![Mod::Replace("userPassword", password)],
|
||||
)?
|
||||
.success()?;
|
||||
|
||||
ldap.unbind()?;
|
||||
keys.remove(key);
|
||||
|
||||
info!(
|
||||
"New password set for user '{}' with email address '{}'",
|
||||
&user, &email
|
||||
);
|
||||
return Ok(Flash::success(
|
||||
Redirect::to(uri!(reset)),
|
||||
"New password was saved",
|
||||
));
|
||||
} else {
|
||||
error!("Could not aquire lock for keys");
|
||||
};
|
||||
} else {
|
||||
return Ok(Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Password length has to be at least 8",
|
||||
));
|
||||
}
|
||||
} else {
|
||||
if passwords.password != passwords.password_control {
|
||||
return Ok(Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Password does not match the password verification field",
|
||||
));
|
||||
}
|
||||
|
||||
Ok(Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Setting new password failed",
|
||||
if passwords.password.len() < 8 {
|
||||
return Ok(Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Password length has to be at least 8",
|
||||
));
|
||||
}
|
||||
|
||||
// key lookup
|
||||
let keys = Arc::clone(&keys.keys);
|
||||
let mut keys = match keys.lock() {
|
||||
Ok(keys) => keys,
|
||||
Err(e) => {
|
||||
error!("Could not aquire lock for keys: {}", e);
|
||||
return Ok(Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Setting new password failed",
|
||||
));
|
||||
}
|
||||
};
|
||||
let email = keys
|
||||
.get(key)
|
||||
.ok_or_else(|| anyhow!("Could not extract email"))?
|
||||
.to_string();
|
||||
|
||||
// ldap lookup
|
||||
let mut ldap = LdapConn::new(&config.ldap.server)?;
|
||||
let result = ldap.search(
|
||||
&config.ldap.base,
|
||||
Scope::Subtree,
|
||||
&format!("(&{}(mail={}))", &config.ldap.filter, &email),
|
||||
vec!["cn"],
|
||||
)?;
|
||||
let (mut rs, _res) = result.success()?;
|
||||
|
||||
// ldap set new password
|
||||
let user = SearchEntry::construct(
|
||||
rs.pop()
|
||||
.ok_or_else(|| anyhow!("Could extract not receive LDAP result"))?,
|
||||
)
|
||||
.attrs
|
||||
.get("cn")
|
||||
.ok_or_else(|| anyhow!("Could not extract 'cn' from LDAP entry"))?[0]
|
||||
.to_string();
|
||||
let mut password = HashSet::new();
|
||||
password.insert(passwords.password.as_str());
|
||||
ldap.simple_bind(&config.ldap.bind, &config.ldap.password)?
|
||||
.success()?;
|
||||
ldap.with_controls(RelaxRules.critical())
|
||||
.modify(
|
||||
&format!("cn={},{}", &user, &config.ldap.base),
|
||||
vec![Mod::Replace("userPassword", password)],
|
||||
)?
|
||||
.success()?;
|
||||
|
||||
ldap.unbind()?;
|
||||
keys.remove(key);
|
||||
|
||||
info!(
|
||||
"New password set for user '{}' with email address '{}'",
|
||||
&user, &email
|
||||
);
|
||||
|
||||
Ok(Flash::success(
|
||||
Redirect::to(uri!(reset)),
|
||||
"New password was saved",
|
||||
))
|
||||
}
|
||||
|
||||
|
|
@ -241,6 +244,7 @@ fn reset_key(keys: State<Keys>, key: String, flash: Option<FlashMessage>) -> Opt
|
|||
} else {
|
||||
error!("Could not aquire lock for keys");
|
||||
}
|
||||
|
||||
None
|
||||
}
|
||||
|
||||
|
|
@ -252,16 +256,13 @@ fn reset_password(
|
|||
key: String,
|
||||
passwords: Form<PasswordsForm>,
|
||||
) -> Flash<Redirect> {
|
||||
match set_password(&config, &keys, &key, &passwords) {
|
||||
Ok(flash) => flash,
|
||||
Err(e) => {
|
||||
error!("{} from {}", e, remote_address);
|
||||
Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Setting new password failed",
|
||||
)
|
||||
}
|
||||
}
|
||||
set_password(&config, &keys, &key, &passwords).unwrap_or_else(|e| {
|
||||
error!("{} from {}", e, remote_address);
|
||||
Flash::error(
|
||||
Redirect::to(uri!(reset_key: key)),
|
||||
"Setting new password failed",
|
||||
)
|
||||
})
|
||||
}
|
||||
|
||||
fn main() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue