A minimal and suckless LDAP password reset web application.
Find a file
finga 592fed030d Print remote address in Errors
In order to be able to filter in IDS/IPS the source address is now
printed in the logs when an error occurs
2020-07-07 17:55:24 +02:00
src Print remote address in Errors 2020-07-07 17:55:24 +02:00
templates Password reset functionality 2020-07-06 15:30:45 +02:00
.gitignore Prepare rocket requisites to start with 2020-07-03 16:10:46 +02:00
Cargo.lock Password reset functionality 2020-07-06 15:30:45 +02:00
Cargo.toml Password reset functionality 2020-07-06 15:30:45 +02:00
LICENSE Password reset functionality 2020-07-06 15:30:45 +02:00
README.md Password reset functionality 2020-07-06 15:30:45 +02:00
README.org Password reset functionality 2020-07-06 15:30:45 +02:00
Rocket.toml Password reset functionality 2020-07-06 15:30:45 +02:00

Table of Contents

  1. ldap0r
    1. Installation
    2. Todo List
      1. Password reset [5/10]
      2. Configuration [0/5]
      3. Login Section (not sure if going to happen)

ldap0r

So far ldap0r is simply a very small web application just to reset LDAP passwords. An user enters its email address, receives an email containing a link to reset its LDAP password, thats it so far.

Installation

A rust nightly toolchain which can be aquired via https://rustup.rs is needed in order to successfully build ldap0r. Install rustup, download rust nightly, then clone this repository, set the toolchain inside the source directory to nightly, build and run it.

rustup toolchain install nightly
git clone https://git.onders.org/finga/ldap0r.git
cd ldap0r
rustup override set nightly
cargo run

The application can be configured with the Rocket.toml configuration file.

Todo List

Password reset [5/10]

  1. DONE Form to send resetlink

  2. DONE Parse url with reset key

  3. DONE Cleanup all unwraps

  4. DONE Proper error handling

  5. DONE Implement proper logging

  6. TODO Make `keys.lock()` properly thread safe

  7. TODO Check for existing keys

  8. TODO Implement key validity timeout

  9. TODO Implement proper tests

  10. TODO Optionaly store key persistently between restarts

Configuration [0/5]

  1. TODO Fix domain config

  2. TODO Make size of key configurable

  3. TODO Make key validity timeout

  4. TODO Make it possible to send emails over encrypted connections

  5. TODO Make html/text emails configurable

Login Section (not sure if going to happen)