Added LDAP user exists checks in create_user
This commit is contained in:
parent
83367687a8
commit
1780a1d0b7
|
|
@ -1,4 +1,3 @@
|
|||
require "crystal-argon2"
|
||||
require "jwt"
|
||||
|
||||
module Backend
|
||||
|
|
@ -8,16 +7,6 @@ module Backend
|
|||
|
||||
BEARER = "Bearer "
|
||||
|
||||
def hash_password(password : String) : String
|
||||
Argon2::Password.create(password)
|
||||
end
|
||||
|
||||
# def verify_password?(password : String, hash : String) : Bool
|
||||
# !!Argon2::Password.verify_password(password, hash)
|
||||
# rescue
|
||||
# false
|
||||
# end
|
||||
|
||||
private def create_jwt(data, expiration : Int) : String
|
||||
JWT.encode({"data" => data.to_h, "exp" => expiration}, Backend.config.api.jwt_secret, JWT::Algorithm::HS256)
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
require "ldap"
|
||||
require "socket"
|
||||
|
||||
module Backend
|
||||
module Api
|
||||
|
|
@ -19,27 +18,15 @@ module Backend
|
|||
)
|
||||
end
|
||||
|
||||
# -> LDAP server
|
||||
# @[GraphQL::Field]
|
||||
# def update_password(context : Context, password : String) : LoginPayload
|
||||
# context.authenticated!
|
||||
|
||||
# if Auth.verify_password?(password, context.user.not_nil!.password)
|
||||
# raise "New password must be different from old password"
|
||||
# end
|
||||
|
||||
# context.user.not_nil!.update!(password: Auth.hash_password(password))
|
||||
|
||||
# LoginPayload.new(
|
||||
# user: User.new(context.user.not_nil!),
|
||||
# token: Auth.create_user_jwt(context.user.not_nil!.id.not_nil!.to_i),
|
||||
# )
|
||||
# end
|
||||
|
||||
@[GraphQL::Field]
|
||||
def create_user(context : Context, input : UserCreateInput) : User
|
||||
context.admin!
|
||||
|
||||
raise "LDAP user does not exist" unless begin
|
||||
!!Ldap.user(Ldap.uid(input.username))
|
||||
rescue LDAP::Client::AuthError
|
||||
false
|
||||
end
|
||||
user = Db::User.create!(username: input.username, role: input.role.to_s)
|
||||
|
||||
User.new(user)
|
||||
|
|
|
|||
Loading…
Reference in a new issue