
Update ldap.go

AY's Macbook Pro 3 年之前
父节点
当前提交
b71085fa94
共有 1 个文件被更改,包括 23 次插入4 次删除
  1. 23 4
      mod/auth/ldap/ldap.go

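--- a/mod/auth/ldap/ldap.go
+++ b/mod/auth/ldap/ldap.go
@@ -44,6 +44,13 @@ type UserAccount struct {
 	EquivGroup []string `json:"equiv_group"`
 }
 
+//syncorizeUserReturnInterface not designed to be used outside
+type syncorizeUserReturnInterface struct {
+	Userinfo []UserAccount `json:"userinfo"`
+	Length   int           `json:"length"`
+	Error    string        `json:"error"`
+}
+
 //NewLdapHandler xxx
 func NewLdapHandler(authAgent *auth.AuthAgent, register *reg.RegisterHandler, coreDb *db.Database, permissionHandler *permission.PermissionHandler, userHandler *user.UserHandler, iconSystem string) *ldapHandler {
 	//ldap handler init
@@ -315,6 +322,7 @@ func (ldap *ldapHandler) HandleLoginPage(w http.ResponseWriter, r *http.Request)
 }
 
 func (ldap *ldapHandler) HandleNewPasswordPage(w http.ResponseWriter, r *http.Request) {
+	//get the parameter from the request
 	acc, err := common.Mv(r, "username", false)
 	if err != nil {
 		common.SendErrorResponse(w, err.Error())
@@ -330,7 +338,7 @@ func (ldap *ldapHandler) HandleNewPasswordPage(w http.ResponseWriter, r *http.Re
 		common.SendErrorResponse(w, err.Error())
 		return
 	}
-
+	//init the web interface
 	imgsrc := "./web/" + ldap.iconSystem
 	if !common.FileExists(imgsrc) {
 		imgsrc = "./web/img/public/auth_icon.png"
@@ -388,9 +396,10 @@ func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 	//The database contain this user information. Check its password if it is correct
 	if passwordCorrect {
 		//Password correct
+		//if user not exist then redirect to create pwd screen
 		if !ldap.ag.UserExists(username) {
 			authkey := ldap.syncdb.Store(username)
-			common.SendErrorResponse(w, "Redirection=system/auth/ldap/newPassword?username="+username+"&displayname="+username+"&authkey="+authkey)
+			common.SendJSONResponse(w, "{\"redirect\":\"system/auth/ldap/newPassword?username="+username+"&displayname="+username+"&authkey="+authkey+"\"}")
 		} else {
 			// Set user as authenticated
 			ldap.ag.LoginUserByRequest(w, r, username, rememberme)
@@ -409,6 +418,7 @@ func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 }
 
 func (ldap *ldapHandler) HandleSetPassword(w http.ResponseWriter, r *http.Request) {
+	//get paramters from request
 	username, err := common.Mv(r, "username", true)
 	if err != nil {
 		common.SendErrorResponse(w, err.Error())
@@ -427,19 +437,28 @@ func (ldap *ldapHandler) HandleSetPassword(w http.ResponseWriter, r *http.Reques
 
 	//check if the input key matches the database's username
 	isValid := ldap.syncdb.Read(authkey) == username
-	ldap.syncdb.Delete(authkey) // remove the key
+	ldap.syncdb.Delete(authkey) // remove the key, aka key is one time use only
+	//if db data match the username, proceed
 	if isValid {
+		//if not exists
 		if !ldap.ag.UserExists(username) {
+			//get the user from ldap server
 			ldapUser, err := ldap.ldapreader.GetUser(username)
 			if err != nil {
 				common.SendErrorResponse(w, err.Error())
 				return
 			}
+			//convert the ldap usergroup to arozos usergroup
 			convertedInfo := ldap.convertGroup(ldapUser)
+			//create user account and login
 			ldap.ag.CreateUserAccount(username, password, convertedInfo.EquivGroup)
-			common.SendOK(w)
+			ldap.ag.Logger.LogAuth(r, true)
+			ldap.ag.LoginUserByRequest(w, r, username, false)
+			http.Redirect(w, r, "index.html", 301)
+			//common.SendOK(w)
 			return
 		} else {
+			//if exist then return error
 			common.SendErrorResponse(w, "User exists, please contact the system administrator if you believe this is an error.")
 			return
 		}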
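Review bot: The new `common.SendJSONResponse` line in HandleLogin hand-builds both the JSON body and the redirect query string by concatenating `username` (presumably taken from the login form) and `authkey` without any escaping, so a username containing `"`, `\`, `&` or `#` (LDAP names can legitimately carry spaces and punctuation) yields malformed JSON or a query string that no longer round-trips to HandleSetPassword. The same commit already introduces a json-tagged return struct, so this reply should go through `json.Marshal` as well, with the query values passed through `url.QueryEscape`; that needs `encoding/json` and `net/url` in the import block, which is outside the hunk, and HandleLogin's body begins and ends outside the hunk too. Separately, the `http.Redirect(w, r, "index.html", 301)` added in HandleSetPassword answers a form POST with a permanent redirect that browsers cache for that URL; `http.StatusSeeOther` is the conventional status after a form submission, and since the result of `CreateUserAccount` is discarded right before it, it is worth confirming that call cannot fail before logging the user in.
```go
// … unchanged: password check and UserExists branch …
authkey := ldap.syncdb.Store(username)
target := "system/auth/ldap/newPassword?username=" + url.QueryEscape(username) +
	"&displayname=" + url.QueryEscape(username) +
	"&authkey=" + url.QueryEscape(authkey)
body, err := json.Marshal(map[string]string{"redirect": target})
if err != nil {
	common.SendErrorResponse(w, err.Error())
	return
}
common.SendJSONResponse(w, string(body))
```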