ldap0r/README.org
finga 7b0e4b4a31 Password reset functionality
On the `reset` page an email address can be submitted. If an account is
associated with the submitted email address, an email is sent
containing a URL. This URL can be used to set a new password.

- Add GPLv3 for licensing
- Add dependencies
  - `rocket_contrib` to be able to use handlebar templates
  - `anyhow` to handle errors
  - `log` for logging
  - `ldap3` to communicate with a LDAP server
  - `lettre` and `lettre_email` to handle the generation of emails and
    to send them
  - `rand` to generate random keys
- Add `README.org` which is also used to generate `README.md`
- Add configuration parameters
  - domain
  - LDAP
    - server
    - base
    - filter
    - bind
    - password
- Change default development address to 0.0.0.0
- Add structs to handle data
- Add functions to handle password reset actions
  - `reset_prepare()` to generate a new key, send it to the requestor
    and keep it in the memory
  - `set_password()` to check for the key and set the password
- Add routes
- Add tests
- Add templates
  - `reset.html.hbs` to submit an email address
  - `reset_key.html.hbs` to set the new password
2020-07-06 15:30:45 +02:00


* ldap0r
So far =ldap0r= is simply a very small web application just to reset
LDAP passwords. A user enters their email address and receives an email
containing a link to reset their LDAP password; that's it so far.
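The todo list further down leaves "Check for existing keys" and "Implement key validity timeout" open for the in-memory reset keys. The following is an added example, not ldap0r's own code, of a mutex-guarded key store that enforces both plus single use; the =ResetKeys= type, its methods and the sample keys are assumptions, and the key itself is expected to come from the caller's random generator.

```rust
use std::collections::HashMap;
use std::sync::{Mutex, MutexGuard};
use std::time::{Duration, Instant};

type Entries = HashMap<String, (String, Instant)>; // key -> (email, issued at)

/// Hypothetical in-memory reset-key store (names are assumptions, not ldap0r's).
pub struct ResetKeys {
    ttl: Duration,
    entries: Mutex<Entries>,
}

impl ResetKeys {
    pub fn new(ttl: Duration) -> Self {
        ResetKeys { ttl, entries: Mutex::new(HashMap::new()) }
    }

    // A poisoned mutex still guards a usable map, so recover instead of panicking.
    fn lock(&self) -> MutexGuard<'_, Entries> {
        self.entries.lock().unwrap_or_else(|e| e.into_inner())
    }

    /// Store a key the caller generated (e.g. with `rand`) for `email`.
    /// Expired keys and any older key for the same address are dropped first.
    pub fn insert(&self, key: String, email: &str, now: Instant) {
        let ttl = self.ttl;
        let mut map = self.lock();
        map.retain(|_, (e, t)| e.as_str() != email && now.saturating_duration_since(*t) < ttl);
        map.insert(key, (email.to_string(), now));
    }

    /// Redeem a key: it is removed on first use and only honoured inside the TTL.
    pub fn redeem(&self, key: &str, now: Instant) -> Option<String> {
        let (email, issued) = self.lock().remove(key)?;
        if now.saturating_duration_since(issued) < self.ttl { Some(email) } else { None }
    }
}

fn main() {
    // Constructed sample values; the clock is passed in so expiry is testable.
    let (store, t0) = (ResetKeys::new(Duration::from_secs(900)), Instant::now());
    store.insert("old-key".into(), "user@example.org", t0);
    store.insert("new-key".into(), "user@example.org", t0 + Duration::from_secs(5));
    println!("{:?}", store.redeem("old-key", t0 + Duration::from_secs(6)));
    println!("{:?}", store.redeem("new-key", t0 + Duration::from_secs(6)));
    println!("{:?}", store.redeem("new-key", t0 + Duration::from_secs(7)));
}
```

Removing the entry before checking its age means an expired or already used link can never be replayed, whichever branch is taken.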
** Installation
A Rust nightly toolchain, which can be acquired via https://rustup.rs,
is needed in order to successfully build =ldap0r=. Install =rustup=,
download Rust nightly, then clone this repository, set the
toolchain inside the source directory to nightly, build and run it.
#+BEGIN_SRC sh
rustup toolchain install nightly
git clone https://git.onders.org/finga/ldap0r.git
cd ldap0r
rustup override set nightly
cargo run
#+END_SRC
The application can be configured with the =Rocket.toml=
configuration file.
** Todo List
*** Password reset [5/10]
**** DONE Form to send reset link
**** DONE Parse URL with reset key
**** DONE Cleanup all unwraps
**** DONE Proper error handling
**** DONE Implement proper logging
**** TODO Make =keys.lock()= properly thread safe
**** TODO Check for existing keys
**** TODO Implement key validity timeout
**** TODO Implement proper tests
**** TODO Optionally store key persistently between restarts
*** Configuration [0/5]
**** TODO Fix domain config
**** TODO Make size of key configurable
**** TODO Make key validity timeout
**** TODO Make it possible to send emails over encrypted connections
**** TODO Make HTML/text emails configurable
*** Login Section (not sure if going to happen)