Hey Brad,

This is not neat, but attached you'll find some code that does the job in 
a full Mojolicious app. The file should have a .pm extension, though.

I did use it to login successfully through ldap as discussed.





On Monday, 19 February 2018 14:29:09 UTC-5, Brad Robertson wrote:
>
> On Sun, Feb 18, 2018 at 05:48:08PM -0800, Luc Larochelle wrote: 
> > Hey Brad, this is looking good! If you need me to share what I've done 
> with Net::LDAPS + certificates, let me know. 
> > 
> > It would be terrific if the session object was returned in some way so 
> that the AD entries are accessible. 
> > 
>
> Sure, if you want to share, that would be great, thanks.  I'll keep in 
> mind your request for the LDAP session object to be returned.  :-) 
>
> Regards, 
>
> -- 
> Brad Robertson 
> <bradrob...@gmail.com <javascript:>> 
>

package Auth;
use Mojo::Base 'Mojolicious::Controller';
use Net::LDAPS;
use Data::Dumper;


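        # Connection settings read by connectToLdap().

        # True: connect with Net::LDAPS (LDAP over TLS). False: plain Net::LDAP.
        my $SSLMODE = 1;

        # CA certificate file handed to Net::LDAPS as its cafile option.
        my $SSLCAFILE = 'mycert.ca';

        # True: connectToLdap() asks for verify => 'require', so the server
        # certificate must chain to $SSLCAFILE. With 0 it asks for
        # verify => 'none': the session is still encrypted, but the server is
        # not authenticated, and the bind passwords sent over it can be read
        # by anyone able to impersonate the directory server. Keep this on;
        # if the handshake then fails, fix the CA file rather than the flag.
        my $SSLVERIFYCA = 1;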


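# Open a connection to the directory server at $url.
#
# Returns the Net::LDAPS handle (or a Net::LDAP handle when $SSLMODE is
# false), or undef when the connection could not be established. Callers
# must check the result before calling methods on it.
#
# In TLS mode the server certificate is verified against $SSLCAFILE only
# when $SSLVERIFYCA is true. With verify => 'none' the link is encrypted but
# the server's identity is not checked, so that setting is only suitable for
# throw-away test setups.
#
# The ($) prototype is kept as-is so existing call sites parse the same way.
sub connectToLdap($) {
    my $url = shift;

    my $verifyca = $SSLVERIFYCA ? 'require' : 'none';

    my ($ldap, $error);
    my $completed = eval {
        $ldap = $SSLMODE
            ? Net::LDAPS->new($url, verify => $verifyca, cafile => $SSLCAFILE)
            : Net::LDAP->new($url);

        # new() signals failure by returning undef with the reason in $@.
        # Copy it here: an eval that finishes normally resets $@, so the
        # reason would be gone by the time the eval has returned.
        $error = $@ unless $ldap;
        1;
    };
    $error = $@ unless $completed;    # the constructor died outright

    if (!$ldap) {
        # warn() is used because this package defines no logger() helper.
        warn "LDAP connection to $url failed: "
            . (defined $error && length $error ? $error : 'unknown error')
            . "\n";
    }

    return $ldap;
}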

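# Escape a value for use inside an LDAP search filter (RFC 4515): the
# backslash, '*', '(', ')' and NUL are replaced by a backslash followed by
# their two-digit hex code, so the value can only ever match literally.
# Net::LDAP::Util::escape_filter_value offers the same service.
sub _escape_ldap_filter_value {
    my ($value) = @_;
    $value =~ s/([\\*()\x00])/sprintf('\\%02x', ord $1)/ge;
    return $value;
}

# Authenticate the submitted 'username' / 'password' request parameters
# against the directory.
#
# Steps: bind with the service account, look the user up by $LDAPUID below
# $LDAPBASE, then bind again as the entry's DN with the submitted password.
# Only when that second bind succeeds are givenName and displayName copied
# into the session.
#
# Returns the controller ($self) on success and nothing on any failure
# (missing credentials, connection or bind error, unknown or ambiguous
# user, wrong password).
sub auth_netLDAP {
    my $self     = shift;
    my $username = $self->param('username');
    my $password = $self->param('password');

    # Placeholder directory settings. In a deployment, read the service
    # account credentials from configuration that is kept out of the source
    # tree instead of hard-coding them here.
    my $BINDUSER      = 'CN=user,OU=unit,DC=my,DC=domain,DC=com';
    my $BINDPASS      = 'xxxxxxxxxxx';
    my $LDAPBASE      = "OU=unit,DC=my,DC=domain,DC=com";
    my $LDAPUID       = "samaccountname";
    my $LDAPSERVERURL = "ldaps://dapserver.domain.com";

    # Both values are required. A simple bind with a DN and an empty
    # password is an "unauthenticated bind" (RFC 4513), which a server may
    # answer with success, so an empty password must never reach the bind.
    return unless defined $username && length $username;
    return unless defined $password && length $password;

    my $ldap = connectToLdap($LDAPSERVERURL);
    return unless $ldap;    # connection failed; nothing to bind against

    my $mesg = $ldap->bind($BINDUSER, password => $BINDPASS);
    return unless $mesg;

    if ($mesg->code) {
        say "Error #" . $mesg->code . " binding to LDAP server.";
        $ldap->unbind;
        return;
    }

    # The username comes straight from the request, so it is escaped before
    # it becomes part of the filter; otherwise filter metacharacters in it
    # would change what the search matches.
    my $filter = '(' . $LDAPUID . '=' . _escape_ldap_filter_value($username) . ')';
    $mesg = $ldap->search(base => $LDAPBASE, filter => $filter);

    if ($mesg->code) {
        say "Error #" . $mesg->code . " searching LDAP server for $username.";
        $ldap->unbind;
        return;
    }

    my $entry = $mesg->entry(0);

    if (!defined $entry) {
        say "User $username not found in LDAP.";
        $ldap->unbind;
        return;
    }

    # Refuse to guess which account is meant when several entries match.
    if ($mesg->count > 1) {
        say "More than one LDAP entry matches $username.";
        $ldap->unbind;
        return;
    }

    # The password check itself: a bind as the user's own DN. Its result
    # decides the outcome of the whole call.
    my $result = $ldap->bind($entry->dn, password => $password);
    $ldap->unbind;

    if (!$result || $result->code) {
        say "Error #" . ($result ? $result->code : 'unknown')
            . " authenticating $username.";
        return;
    }

    # Profile attributes are stored only for an authenticated user.
    $self->session->{givenName}   = $entry->get_value("givenName");
    $self->session->{displayName} = $entry->get_value("displayName");

    return $self;
}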


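# Handle a login request.
#
# Delegates the credential check to auth_netLDAP. On success the username
# is stored in the session and a user record is passed to the model's
# add_user; the record's password field is left empty, so the submitted
# LDAP password is not handed to the model. The visitor is redirected to
# '/' whether or not the login succeeded.
#
# Nothing is written to STDOUT: dumping the stash or the user record there
# would put request and session data into whatever collects the server's
# output.
sub login {
    my $c        = shift;
    my $username = $c->param('username');

    if ($c->auth_netLDAP) {
        $c->session->{username} = $username;

        my $user = {
            username => $username,
            password => '',
            name     => $c->session->{givenName},
        };

        $c->model->add_user($user);
    }

    return $c->redirect_to('/');
}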

# End the current session and send the visitor back to the front page.
sub logout {
    my ($controller) = @_;

    # An expiry of 1 lies in the past, which makes Mojolicious expire the
    # session.
    $controller->session(expires => 1);

    return $controller->redirect_to('/');
}

1;
