From 65da25ba402a308f72dd3692335fbffbe1409f56 Mon Sep 17 00:00:00 2001 From: Thibault Pelloquin Date: Tue, 19 Oct 2021 23:32:45 +0200 Subject: [PATCH] Add script to handle ssh keys Work by Thibault --- .../tools/tools/landing/ldap_ssh_keys.php | 348 ++++++++++++++++++ nix/sources.json | 2 +- nixops/secrets | 2 +- 3 files changed, 350 insertions(+), 2 deletions(-) create mode 100644 modules/private/websites/tools/tools/landing/ldap_ssh_keys.php diff --git a/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php b/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php new file mode 100644 index 0000000..259e28d --- /dev/null +++ b/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php @@ -0,0 +1,348 @@ + + + + ImmaeEu Account + + + + + + +
+

Gestion des clés SSH

+ $apps, + 'public_key' => $publicKey, + 'comment' => $comment, + ]; + } + + return $keys; +} + +function pushLdapInfos($keys) +{ + $con = doConnect(); + if (!isset($_SESSION["user_dn"])) + return false; + + return ldap_mod_replace($con, $_SESSION["user_dn"], array("immaeSshKey" => $keys)); +} + + +// Script +if (isset($_POST['deconnexion'])) { + $_SESSION = []; +} + +if (isset($_POST['sauvegarder'])) { + $editedKeys = []; + $errors = false; + $keysToSave = []; + foreach($_POST['keys'] as $id => $key) { + $editedKeys[$id] = $key; + if (!checkSshKey($key['public_key'])) { + $editedKeys[$id]['error'] = true; + $errors = true; + } + + if (!isset($key['apps'])) { + $editedKeys[$id]['apps'] = $key['apps'] = []; + + } + foreach ($key['apps'] as $app) { + if (!in_array($app, apps)) { + die("integrity"); + } + } + + if (!isset($editedKeys[$id]['error']) || $editedKeys[$id]['error'] !== true) { + $keysToSave[] = implode('|', $key['apps']) . ' ' . $key['public_key'] . ' ' . $key['comment']; + } + } + + if (!$errors) { + $successSave = pushLdapInfos($keysToSave); + } +} + +$loginErrors = ""; +if (isset($_POST['login'])) { + if (empty($_POST['username']) || empty($_POST['password'])) { + $loginErrors = "Le nom d'utilisateur et le mot de passe sont requis."; + } elseif (!checkLogin($_POST['username'], $_POST['password'])) { + $loginErrors = "Identifiants incorrects."; + } else { + $_SESSION['login'] = $_POST['username']; + } +} + +if (isUserLogged()) : + $keys = isset($editedKeys) ? $editedKeys : getLdapInfo(); +?> +

Connecté en tant que

+ +
+ +
+ + +

Clés enregistrées avec succès.

+ + +
+ + + $sshKey) : + ?> + + + + + + + + + + + + + + + + + + + +
Description
>
+ + + +
+ + +
+ + +
+

Login

+ + +

+ + + + + + + + + +
+ +
+ + + + diff --git a/nix/sources.json b/nix/sources.json index 961d378..1a1cf5a 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -132,7 +132,7 @@ "webapps-landing": { "ref": "gitolite_local/local_changes", "repo": "https://git.immae.eu/github/bastienwirtz/homer.git", - "rev": "49b6104e9d0059b7990b3dcd53cca664d5cce7af", + "rev": "bb60c5b869931f305f15c5bfa9cdb3f68702f01f", "type": "git", "version": "e0a72b7-local" }, diff --git a/nixops/secrets b/nixops/secrets index 0b9f489..39f3c2c 160000 --- a/nixops/secrets +++ b/nixops/secrets @@ -1 +1 @@ -Subproject commit 0b9f489a7e2e01208d4285c26348b4fa09607e1b +Subproject commit 39f3c2c33c57df2a502b3cdf45635d0afe272739 -- 2.41.0