实现回到头部

2025-11-24 08:47:04 +08:00 · 2017-05-16 15:50:12 +08:00
parent fc6ec31b31
commit f89f369c0d
5 changed files with 193 additions and 1 deletions
--- a/utils/ldap.go
+++ b/utils/ldap.go
@@ -0,0 +1,136 @@
+package utils
+
+import (
+	"gopkg.in/ldap.v2"
+	"fmt"
+	"errors"
+	"github.com/astaxie/beego"
+)
+/*
+对应的config
+ldap:
+  host: hostname.yourdomain.com //ldap服务器地址
+  port: 3268 //ldap服务器端口
+  attribute: mail //用户名对应ldap object属性
+  base: DC=yourdomain,DC=com //搜寻范围
+  user: CN=ldap helper,OU=yourdomain.com,DC=yourdomain,DC=com //第一次绑定用户
+  password: p@sswd //第一次绑定密码
+  ssl: false //使用使用ssl
+*/
+
+func ValidLDAPLogin(password string) (result bool, err error) {
+	result = false
+	err = nil
+	lc, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", "192.168.3.104", 389))
+	if err != nil {
+		beego.Error("Dial => ",err)
+		return
+	}
+
+	defer lc.Close()
+	err = lc.Bind("cn=admin,dc=minho,dc=com", "123456")
+	if err != nil {
+		beego.Error("Bind => ",err)
+		return
+	}
+	searchRequest := ldap.NewSearchRequest(
+		"DC=minho,DC=com",
+		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
+		fmt.Sprintf("(&(objectClass=User)(%s=%s))","mail", "longfei6671@163.com"),
+		[]string{"dn"},
+		nil,
+	)
+	searchResult, err := lc.Search(searchRequest)
+	if err != nil {
+		beego.Error("Search => ", err)
+		return
+	}
+	if len(searchResult.Entries) != 1 {
+		err = errors.New("ldap.no_user_found_or_many_users_found")
+		return
+	}
+	fmt.Printf("%+v = %d",searchResult.Entries,len(searchResult.Entries))
+
+	userdn := searchResult.Entries[0].DN
+
+	err = lc.Bind(userdn, password)
+	if err == nil {
+		result = true
+	} else {
+		beego.Error("Bind2 => ",err)
+		err = nil
+	}
+	return
+}
+
+func AddMember(account, password string) error {
+	lc, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", "192.168.3.104", 389))
+	if err != nil {
+		beego.Error("Dial => ",err)
+		return err
+	}
+
+	defer lc.Close()
+	user := fmt.Sprintf("cn=%s,dc=minho,dc=com",account)
+
+	member := ldap.NewAddRequest(user)
+
+	member.Attribute("mail", []string{"longfei6671@163.com"})
+
+	err = lc.Add(member)
+
+	if err == nil {
+
+		err = lc.Bind(user,"")
+		if err != nil {
+			beego.Error("Bind => ",err)
+			return err
+		}
+		passwordModifyRequest := ldap.NewPasswordModifyRequest(user, "", "1q2w3e__ABC")
+		_, err = lc.PasswordModify(passwordModifyRequest)
+
+		if err != nil {
+			beego.Error("PasswordModify => ",err)
+			return err
+		}
+		return nil
+	}
+	beego.Error("Add => ",err)
+	return err
+}
+
+func ModifyPassword(account, old_password, new_password string) error {
+	l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", "192.168.3.104", 389))
+	if err != nil {
+		beego.Error("Dial => ",err)
+	}
+	defer l.Close()
+
+	user := fmt.Sprintf("cn=%s,dc=minho,dc=com",account)
+	err = l.Bind(user, old_password)
+	if err != nil {
+		beego.Error("Bind => ",err)
+		return err
+	}
+
+	passwordModifyRequest := ldap.NewPasswordModifyRequest(user, old_password, new_password)
+	_, err = l.PasswordModify(passwordModifyRequest)
+
+	if err != nil {
+		beego.Error(fmt.Sprintf("Password could not be changed: %s", err.Error()))
+		return err
+	}
+	return nil
+}
+
+
+
+
+
+
+
+
+
+
+
+