Initial attempt at adding LDAP login support

[?]
Oct 13, 2019, 12:06 AM
72OTJYGTKL5ISUSCBOYLZLD3BOSKDO5EE2G5BTSZSNV5ZKMYQGIQC

Dependencies

  • [2] 3QWDDLBR Add support for logging in via a Google account
  • [3] WDKFN4B2 Make sign in a modal dialog box rather than a separate page
  • [4] XJRJ4J7M Add user registration
  • [5] 4AKMU4ZB Clean up user editing
  • [6] U2ZK6LZ7 Fix some warnings
  • [7] LZVO64YG Merge in the first bits of the API work
  • [8] 7ZP7ZMMU Make /login give a proper JSON response again
  • [9] NILMMFMY Respect X-Request-Base header coming from a frontend proxy.
  • [10] J5UVLXOK * Start of a basic Catalyst web interface.
  • [*] XUKHBDR5 Prevent Persona users from setting a password
  • [*] 36ZTCZ4F Add basic Persona support
  • [*] HOI5XQHS * Don't use a config file by default. This frees up $HYDRA_CONFIG so

Change contents

  • edit in src/lib/Hydra/Controller/User.pm at line 15
    [12.20]
    [3.435]
    use Encode qw(decode);
  • replacement in src/lib/Hydra/Controller/User.pm at line 32
    [3.878][3.251:379]()
    accessDenied($c, "Bad username or password.")
    if !$c->authenticate({username => $username, password => $password});
    [3.878]
    [3.379]
    if ($c->authenticate({username => $username, password => $password}, 'ldap')) {
    doLDAPLogin($self, $c, $username);
    } elsif ($c->authenticate({username => $username, password => $password})) {}
    else {
    accessDenied($c, "Bad username or password.")
    }
  • edit in src/lib/Hydra/Controller/User.pm at line 51
    [3.24932]
    [13.182]
    sub doLDAPLogin {
    my ($self, $c, $username) = @_;
  • edit in src/lib/Hydra/Controller/User.pm at line 55
    [13.183]
    [3.1420]
    my $user = $c->find_user({ username => $username });
    my $LDAPUser = $c->find_user({ username => $username }, 'ldap');
    my @LDAPRoles = grep { (substr $_, 0, 5) eq "hydra" } $LDAPUser->roles;
  • edit in src/lib/Hydra/Controller/User.pm at line 59
    [3.1421]
    [2.107]
    if (!$user) {
    $c->model('DB::Users')->create(
    { username => $username
    , fullname => decode('UTF-8', $LDAPUser->cn)
    , password => "!"
    , emailaddress => $LDAPUser->mail
    , type => "LDAP"
    });
    $user = $c->find_user({ username => $username }) or die;
    } else {
    $user->update(
    { fullname => decode('UTF-8', $LDAPUser->cn)
    , password => "!"
    , emailaddress => $LDAPUser->mail
    , type => "LDAP"
    });
    }
    $user->userroles->delete;
    if (@LDAPRoles) {
    $user->userroles->create({ role => (substr $_, 6) }) for @LDAPRoles;
    }
    $c->set_authenticated($user);
    }
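Review bot: The `else` branch of doLDAPLogin (the `$user->update(...)` call) converts whatever row already has this username into an LDAP account, and `$user->userroles->delete` then drops its roles, so a directory entry whose name matches an existing password, Google or Persona user takes over that account. Refuse the login unless the existing row is already LDAP-backed, e.g. `accessDenied($c, "Username is already in use by a non-LDAP account.") if $user && $user->type ne "LDAP";` before the update (assuming the usual column accessor for `type`). The role filter tests only the five characters `hydra` but strips six, so any group name starting with those letters becomes a role with no separator check; matching something like `/\Ahydra_(\w+)\z/` (with whatever separator the directory really uses) and keeping only role names Hydra knows would be tighter. `$LDAPUser` is also dereferenced without a defined-check. Only the edited lines of the sub are shown, so the code between these hunks is not visible.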
  • replacement in src/lib/Hydra.pm at line 23
    [3.92][3.1514:1515](),[3.1514][3.1514:1515]()
    [3.92]
    [3.93]
    use YAML qw(LoadFile);
    use Path::Class 'file';
  • edit in src/lib/Hydra.pm at line 48
    [14.590]
    [14.590]
    ldap => LoadFile(
    file($ENV{'HYDRA_LDAP_CONFIG'})
    )
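Review bot: `LoadFile(file($ENV{'HYDRA_LDAP_CONFIG'}))` runs unconditionally while the application config is built, so an installation that does not set HYDRA_LDAP_CONFIG will most likely fail at startup instead of running without LDAP. Add the realm only when the variable is set, e.g. `(defined $ENV{'HYDRA_LDAP_CONFIG'} ? (ldap => LoadFile(file($ENV{'HYDRA_LDAP_CONFIG'}))) : ())`, and have the login code skip the `'ldap'` realm in that case. The file presumably carries the directory bind credentials, so a comment such as `# HYDRA_LDAP_CONFIG: YAML realm config; keep it readable only by the Hydra user` would help operators. The enclosing config structure starts and ends outside this hunk.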