AY's Macbook Pro 3 жил өмнө
parent
commit
c787af7349

+ 2 - 0
ldap.go

@@ -36,5 +36,7 @@ func ldapInit() {
 
 	//login interface and login handler
 	http.HandleFunc("/system/auth/ldap/login", ldapHandler.HandleLogin)
+	http.HandleFunc("/system/auth/ldap/setPassword", ldapHandler.HandleSetPassword)
+	http.HandleFunc("/system/auth/ldap/newPassword", ldapHandler.HandleNewPasswordPage)
 	http.HandleFunc("/ldapLogin.system", ldapHandler.HandleLoginPage)
 }

+ 61 - 8
mod/auth/ldap/ldap.go

@@ -7,7 +7,6 @@ import (
 	"regexp"
 	"strconv"
 
-	uuid "github.com/google/uuid"
 	auth "imuslab.com/arozos/mod/auth"
 	"imuslab.com/arozos/mod/auth/ldap/ldapreader"
 	"imuslab.com/arozos/mod/auth/oauth2/syncdb"
@@ -312,6 +311,41 @@ func (ldap *ldapHandler) HandleLoginPage(w http.ResponseWriter, r *http.Request)
 	w.Write([]byte(parsedPage))
 }
 
+func (ldap *ldapHandler) HandleNewPasswordPage(w http.ResponseWriter, r *http.Request) {
+	acc, err := common.Mv(r, "username", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+	displayname, err := common.Mv(r, "displayname", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+	key, err := common.Mv(r, "authkey", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+
+	imgsrc := "./web/" + ldap.iconSystem
+	if !common.FileExists(imgsrc) {
+		imgsrc = "./web/img/public/auth_icon.png"
+	}
+	imageBase64, _ := common.LoadImageAsBase64(imgsrc)
+	template, err := common.Templateload("system/ldap/newPasswordTemplate.html", map[string]interface{}{
+		"vendor_logo":  imageBase64,
+		"username":     acc,
+		"display_name": displayname,
+		"key":          key,
+	})
+	if err != nil {
+		log.Fatal(err)
+	}
+	w.Header().Set("Content-Type", "text/html; charset=UTF-8")
+	w.Write([]byte(template))
+}
+
 func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 	//Get username from request using POST mode
 	username, err := common.Mv(r, "username", true)
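Review bot: `log.Fatal(err)` in the template-error branch of HandleNewPasswordPage exits the whole server process from a handler that is reachable before login, so a missing or broken `newPasswordTemplate.html` becomes an outage instead of one failed request. Log and answer with an error instead: `log.Println("newPassword template load failed: " + err.Error())`, `http.Error(w, "500 - Internal Server Error", http.StatusInternalServerError)`, `return`. The handler also renders whatever `username`, `displayname` and `authkey` the request carries without checking the key against `ldap.syncdb`; whether `common.Templateload` escapes those values is not visible here and should be confirmed before they reach the page. The error from `common.LoadImageAsBase64` is discarded, which deserves a comment saying the logo is best-effort.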
@@ -352,13 +386,8 @@ func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 	if passwordCorrect {
 		//Password correct
 		if !ldap.ag.UserExists(username) {
-			authkey, err := uuid.NewUUID()
-			if err != nil {
-				log.Println("UUID generation failed, " + err.Error())
-				return
-			}
-			ldap.syncdb.Store(authkey.String())
-			common.SendErrorResponse(w, "Redirection=system/auth/ldap/register.html?username="+username+"&displayname="+username+"&authkey="+authkey.String())
+			authkey := ldap.syncdb.Store(username)
+			common.SendErrorResponse(w, "Redirection=system/auth/ldap/newPassword?username="+username+"&displayname="+username+"&authkey="+authkey.String())
 		} else {
 			// Set user as authenticated
 			ldap.ag.LoginUserByRequest(w, r, username, rememberme)
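Review bot: The new `Redirection=` line concatenates `username` into the query string unescaped, so a name containing `&`, `#` or `=` changes the parameters the newPassword page receives. Use `url.QueryEscape(username)` for both `username=` and `displayname=`; this needs `net/url` in the import block, which lies outside this hunk. The auth key is still carried in the URL, where it ends up in browser history and in proxy and access logs. Because the key is what authorises setting a local password, it should be short-lived and single-use; the expiry behaviour of `syncdb.Store` is not visible from here. HandleLogin starts and ends outside the hunk.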
@@ -375,3 +404,27 @@ func (ldap *ldapHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 }
+
+func (ldap *ldapHandler) HandleSetPassword(w http.ResponseWriter, r *http.Request) {
+	username, err := common.Mv(r, "username", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+	password, err := common.Mv(r, "password", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+	authkey, err := common.Mv(r, "authkey", false)
+	if err != nil {
+		common.SendErrorResponse(w, err.Error())
+		return
+	}
+
+	//check if the input key matches the database's username
+	isValid := ldap.syncdb.Read(authkey) == username
+	if isValid {
+
+	}
+}
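Review bot: HandleSetPassword writes no response on either outcome: the `if isValid` body is empty and there is no `else`, so a wrong or expired key gets an empty 200, which the page script added in this commit would treat as success (`data.error` is undefined) and redirect. Reject explicitly before doing any work, `if !isValid { common.SendErrorResponse(w, "Invalid or expired key"); return }`, and when the success path is filled in, invalidate the key after first use so it cannot set the password twice. The three `common.Mv(r, ..., false)` calls pass `false` where HandleLogin passes `true` under the comment "using POST mode", which suggests the password may be read from the query string; if that is what the flag means, `common.Mv(r, "password", true)` keeps it out of URLs and logs. If `syncdb.Read` returns an empty string for an unknown key, confirm that an empty `username` cannot make the comparison true.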

+ 99 - 0
system/ldap/newPasswordTemplate.html

@@ -0,0 +1,99 @@
+<!DOCTYPE HTML>
+<html>
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <title>New Password</title>
+    <link rel="stylesheet" href="../../../script/semantic/semantic.css">
+    <link rel="stylesheet" href="../../../script/ao.css">
+    <script type="application/javascript" src="../../../script/jquery.min.js"></script>
+    <script type="application/javascript" src="../../../script/semantic/semantic.js"></script>
+    <style>
+
+    </style>
+</head>
+
+<body>
+    <br><br><br>
+    <div class="ui container" align="center">
+        <div class="ui basic segment" style="max-width:400px;" align="left">
+            <div class="imageRight" align="center">
+                <img class="ui small image" src="data:image/png;base64, {{vendor_logo}}"></img>
+            </div>
+            <div class="ui divider"></div>
+            <div class="ui text container">
+                <p>Hi {{display_name}}, Please set your local password.</p>
+            </div>
+            <div class="ui divider"></div>
+            <form class="ui form" onsubmit="handleFormSubmit(event, this);">
+                <div class="ui divider"></div>
+                <div class="field">
+                    <label>New Password</label>
+                    <input id="npw" type="password" name="newpw" placeholder="New Password">
+                </div>
+                <div class="field">
+                    <label>Confirm New Password</label>
+                    <input id="cpw" type="password" name="confirmnewpw" placeholder="Confirm New Password">
+                </div>
+                <button id="submitbtn" class="ui green button" type="submit">Submit</button>
+            </form>
+            <div id="errmsg" class="ui red inverted segment" style="display:none;">
+                <i class="remove icon"></i> <span id="errtext">Internal Server Error</span>
+            </div>
+            <br>
+            <p>Back to <a href="../ldapLogin.system">Login</a></p>
+        </div>
+    </div>
+
+    <script>
+        var username = "{{username}}";
+        var key = "{{key}}";
+
+        function handleFormSubmit(evt, obj) {
+            evt.preventDefault();
+            var newpw = obj.newpw.value;
+            var cpw = obj.confirmnewpw.value;
+            $("#npw").parent().removeClass("error");
+            $("#cpw").parent().removeClass("error");
+
+            if (newpw != cpw) {
+                showErrorMessage("Confirm password does not match.")
+                $("#cpw").parent().addClass("error");
+                return
+            }
+
+            if (newpw == "" || cpw == "") {
+                showErrorMessage("Password cannot be empty")
+                $("#npw").parent().addClass("error");
+            }
+
+            //Should be OK now. Submit the form for reset password
+            $.ajax({
+                url: "system/auth/ldap/setPassword",
+                method: "POST",
+                data: {
+                    username: username,
+                    password: newpw,
+                    authkey: key,
+                },
+                success: function(data) {
+                    if (data.error !== undefined) {
+                        showErrorMessage(data.error);
+                    } else {
+                        //OK
+                        window.location.href = "index.html";
+                    }
+                }
+            })
+
+        }
+
+        function showErrorMessage(msg) {
+            $("#errtext").text(msg);
+            $("#errmsg").stop().finish().slideDown("fast");
+        }
+    </script>
+</body>
+
+</html>
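Review bot: `{{username}}` and `{{key}}` are substituted inside JavaScript string literals and `{{display_name}}` inside HTML text, and HandleNewPasswordPage fills all three straight from request parameters, so unless `common.Templateload` escapes per context (not visible here) this page reflects request-controlled input into script. Render with a context-aware engine such as `html/template`, or pass the values as JSON-encoded data attributes and read them from the DOM. Separately, the empty-password branch in `handleFormSubmit` shows the error but has no `return`, so the request is still sent; add `return;` after `$("#npw").parent().addClass("error");`, and enforce the same rule server-side in HandleSetPassword since client checks are advisory. The `$.ajax` call has no `error` callback, so a non-2xx answer leaves the form silent.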