finga/ldap0r
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ldap0r/README.md
finga 7b0e4b4a31 Password reset functionality 
On the `reset` page an email address can be submitted. If an account
associated with the submitted email address an email is sent
containing an URL. This URL can be used to set a new password.

- Add GPLv3 for licensing
- Add dependencies
  - `rocket_contrib` to be able to use handlebar templates
  - `anyhow` to handle errors
  - `log` for logging
  - `ldap3` to communicate with a LDAP server
  - `lettre` and `lettre_email` to handle the generation of emails and
    to send them
  - `rand` to generate random keys
- Add `README.org` which is also used to generate `README.md`
- Add configuration parameters
  - domain
  - LDAP
    - server
    - base
    - filter
    - bind
    - password
- Change default development address to 0.0.0.0
- Add structs to handle data
- Add functions to handle password reset actions
  - `reset_prepare()` to generate a new key, send it to the requestor
    and keep it in the memory
  - `set_password()` to check for the key and set the password
- Add routes
- Add tests
- Add templates
  - `reset.html.hbs` to submit an email address
  - `reset_key.html.hbs` to set the new password
2020-07-06 15:30:45 +02:00

87 lines
1.9 KiB
Markdown
Raw Blame History

# Table of Contents
1. [ldap0r](#org5453f05)
1. [Installation](#org225ba27)
2. [Todo List](#org54f2856)
1. [Password reset <code>[5/10]</code>](#org09786dd)
2. [Configuration <code>[0/5]</code>](#orgb93c7a2)
3. [Login Section (not sure if going to happen)](#orga66a23f)
<a id="org5453f05"></a>
# ldap0r
So far `ldap0r` is simply a very small web application just to reset
LDAP passwords. An user enters its email address, receives an email
containing a link to reset its LDAP password, thats it so far.
<a id="org225ba27"></a>
## Installation
A rust nightly toolchain which can be aquired via <https://rustup.rs>
is needed in order to successfully build `ldap0r`. Install `rustup`,
download rust nightly, then clone this repository, set the
toolchain inside the source directory to nightly, build and run it.
rustup toolchain install nightly
git clone https://git.onders.org/finga/ldap0r.git
cd ldap0r
rustup override set nightly
cargo run
The application can be configured with the `Rocket.toml`
configuration file.
<a id="org54f2856"></a>
## Todo List
<a id="org09786dd"></a>
### Password reset <code>[5/10]</code>
1. DONE Form to send resetlink
2. DONE Parse url with reset key
3. DONE Cleanup all unwraps
4. DONE Proper error handling
5. DONE Implement proper logging
6. TODO Make \`keys.lock()\` properly thread safe
7. TODO Check for existing keys
8. TODO Implement key validity timeout
9. TODO Implement proper tests
10. TODO Optionaly store key persistently between restarts
<a id="orgb93c7a2"></a>
### Configuration <code>[0/5]</code>
1. TODO Fix domain config
2. TODO Make size of key configurable
3. TODO Make key validity timeout
4. TODO Make it possible to send emails over encrypted connections
5. TODO Make html/text emails configurable
<a id="orga66a23f"></a>
### Login Section (not sure if going to happen)
Reference in a new issue View git blame Copy permalink