service.go
package rule
import (
"log"
"sort"
"github.com/tiagoapimenta/nginx-ldap-auth/data"
"github.com/tiagoapimenta/nginx-ldap-auth/group"
"github.com/tiagoapimenta/nginx-ldap-auth/user"
)
// Service decides whether a username/password pair is allowed, combining a
// result cache, a user lookup/login service and a group lookup service.
type Service struct {
	// storage caches earlier validation results; Validate reads it with Get
	// and writes it with Put, keyed on username and password.
	storage *data.Storage
	// user resolves a username to an id (Find) and checks the password (Login).
	user *user.Service
	// group returns the groups of a user id (Find).
	group *group.Service
	// required lists the groups a user must belong to; every entry is checked.
	// A nil or empty list means no group restriction is applied.
	required []string
}
// NewService builds a rule Service from its collaborators.
//
// storage is the validation-result cache, userService and groupService perform
// the directory lookups, and required is the list of groups every accepted
// user must belong to. The required slice is stored as given, not copied.
func NewService(storage *data.Storage, userService *user.Service, groupService *group.Service, required []string) *Service {
	svc := new(Service)
	svc.storage = storage
	svc.user = userService
	svc.group = groupService
	svc.required = required
	return svc
}
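// Validate reports whether username/password is accepted.
//
// A cached decision from storage is returned as-is when one exists. Otherwise
// the credentials are checked through validate; a lookup error is logged and
// treated as a rejection without being cached, while a definite answer
// (accept or reject) is stored before it is returned.
//
// NOTE(review): data.Storage is not visible here. Confirm that cached entries
// expire (a cached accept outlives a password change or a group removal until
// then) and that the password is not kept in clear text as part of the key.
func (p *Service) Validate(username, password string) bool {
	if cached, found := p.storage.Get(username, password); found {
		return cached
	}

	ok, err := p.validate(username, password)
	if err != nil {
		// username comes from the client; %q escapes control characters so a
		// crafted name cannot break the entry across lines or forge log records.
		log.Printf("Could not validate user %q: %v", username, err)
		return false
	}

	p.storage.Put(username, password, ok)
	return ok
}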
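// validate checks the credentials against the directory and then enforces the
// required-group policy.
//
// It returns (true, nil) only when the user is found, user.Login accepts the
// password, and the user belongs to every group in p.required (or no groups
// are required). It returns (false, nil) for an unknown user, a rejected
// password or a missing group, and (false, err) when a lookup or login call
// fails. Every path other than full success fails closed.
//
// NOTE(review): user.Login is not visible here. Confirm it rejects an empty
// password, since an LDAP simple bind with an empty password is processed as
// an unauthenticated bind (RFC 4513) and may be reported as success.
func (p *Service) validate(username, password string) (bool, error) {
	ok, id, err := p.user.Find(username)
	if err != nil {
		return false, err
	}
	if !ok {
		// Unknown user: stop before Login so no bind is attempted with an
		// id that was never resolved.
		return false, nil
	}

	ok, err = p.user.Login(id, password)
	if err != nil {
		return false, err
	}
	if !ok {
		// A rejected password ends the check here. Group membership is an
		// authorization step and must never stand in for authentication.
		return false, nil
	}

	// len of a nil slice is 0, so this covers both nil and empty.
	if len(p.required) == 0 {
		return true, nil
	}

	groups, err := p.group.Find(id)
	if err != nil {
		return false, err
	}

	// Binary search: assumes group.Find returns its result sorted in
	// increasing order. TODO confirm; on an unsorted slice a group the user
	// does hold can be missed, which rejects the user (fails closed).
	for _, want := range p.required {
		pos := sort.SearchStrings(groups, want)
		if pos >= len(groups) || groups[pos] != want {
			return false, nil
		}
	}

	return true, nil
}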