mirror of https://github.com/mindoc-org/mindoc.git
ldaps support
parent
91f3e897bf
commit
a2202f8878
|
@ -128,6 +128,8 @@ baidumapkey=
|
||||||
################Active Directory/LDAP################
|
################Active Directory/LDAP################
|
||||||
#是否启用ldap
|
#是否启用ldap
|
||||||
ldap_enable=false
|
ldap_enable=false
|
||||||
|
#ldap协议(ldap/ldaps)
|
||||||
|
ldap_scheme=ldap
|
||||||
#ldap主机名
|
#ldap主机名
|
||||||
ldap_host=ad.example.com
|
ldap_host=ad.example.com
|
||||||
#ldap端口
|
#ldap端口
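Review bot: The comment added for `ldap_scheme` lists the two accepted values but does not tell the operator that choosing `ldaps` also means changing `ldap_port`. The login code in this same commit falls back to port 3268 for either scheme, and on Active Directory that is the plaintext global-catalog port. I would extend the comment along the lines of `# LDAP scheme (ldap/ldaps); with ldaps also set ldap_port, usually 636, or 3269 for the AD global catalog`. The sample default stays `ldap`, so unless the operator opts in, the login bind presumably still crosses the network unencrypted, which is worth stating next to the key.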
|
||||||
|
|
|
@ -3,11 +3,13 @@ package models
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/md5"
|
"crypto/md5"
|
||||||
|
"crypto/tls"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
@ -27,6 +29,8 @@ import (
|
||||||
"github.com/mindoc-org/mindoc/utils"
|
"github.com/mindoc-org/mindoc/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var LdapDefaultTimeout = 8 * time.Second
|
||||||
|
|
||||||
type Member struct {
|
type Member struct {
|
||||||
MemberId int `orm:"pk;auto;unique;column(member_id)" json:"member_id"`
|
MemberId int `orm:"pk;auto;unique;column(member_id)" json:"member_id"`
|
||||||
Account string `orm:"size(100);unique;column(account);description(登录名)" json:"account"`
|
Account string `orm:"size(100);unique;column(account);description(登录名)" json:"account"`
|
||||||
|
@ -124,8 +128,18 @@ func (m *Member) ldapLogin(account string, password string) (*Member, error) {
|
||||||
return m, ErrMemberAuthMethodInvalid
|
return m, ErrMemberAuthMethodInvalid
|
||||||
}
|
}
|
||||||
var err error
|
var err error
|
||||||
ldaphost, _ := web.AppConfig.String("ldap_host")
|
var ldapOpt ldap.DialOpt
|
||||||
lc, err := ldap.DialURL(fmt.Sprintf("ldap://%s:%d", ldaphost, web.AppConfig.DefaultInt("ldap_port", 3268)))
|
ldap_scheme := web.AppConfig.DefaultString("ldap_scheme", "ldap")
|
||||||
|
dialer := net.Dialer{Timeout: LdapDefaultTimeout}
|
||||||
|
if ldap_scheme == "ldaps" {
|
||||||
|
ldapOpt = ldap.DialWithTLSDialer(&tls.Config{InsecureSkipVerify: true}, &dialer)
|
||||||
|
} else {
|
||||||
|
ldapOpt = ldap.DialWithDialer(&dialer)
|
||||||
|
}
|
||||||
|
ldap_host, _ := web.AppConfig.String("ldap_host")
|
||||||
|
ldap_port := web.AppConfig.DefaultInt("ldap_port", 3268)
|
||||||
|
ldap_url := fmt.Sprintf("%s://%s:%d", ldap_scheme, ldap_host, ldap_port)
|
||||||
|
lc, err := ldap.DialURL(ldap_url, ldapOpt)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logs.Error("绑定 LDAP 用户失败 ->", err)
|
logs.Error("绑定 LDAP 用户失败 ->", err)
|
||||||
return m, ErrLDAPConnect
|
return m, ErrLDAPConnect
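Review bot: The `ldaps` branch builds its TLS config with `InsecureSkipVerify: true`, so the client accepts any certificate and the encrypted channel does not authenticate the directory server. Anyone able to intercept the connection can present their own certificate and be treated as the directory for the credentials that `ldapLogin` presumably binds with. Verification should be on by default, `ldapOpt = ldap.DialWithTLSDialer(&tls.Config{MinVersion: tls.VersionTLS12}, &dialer)`, with self-signed directories handled by a configured CA bundle loaded into `RootCAs`, or at most by an explicit opt-in setting that defaults to off. Separately, any `ldap_scheme` value other than `ldaps` takes the plain dialer but is still formatted into `ldap_url`, and the error from reading `ldap_host` is discarded, so a typo in either key surfaces only as `ErrLDAPConnect`; rejecting unknown schemes up front would make that visible. The body of `ldapLogin` starts and ends outside this hunk.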
|
||||||
|
|