gawells/Self-Service-Dashboard
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: gawells:ffcaee7170e831a2b08227b44230b81fd0eb02ae
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50
...
compare: gawells:737a1908e0
Branches Tags
gawells:master
gawells:v0.0.6 gawells:v0.0.5 gawells:v0.0.4 gawells:737a1908e0 gawells:074b3f8f31 gawells:c5358e6c50

5 Commits
ffcaee7170 ... 737a1908e0

Author SHA1 Message Date
Gregory Wells
737a1908e0 add server side password change information 2026-03-31 22:05:47 -04:00
Gregory Wells
c628c688f7 send request to the server 2026-03-31 21:39:38 -04:00
Gregory Wells
d283ad0a0a add close button 2026-03-31 21:37:10 -04:00
Gregory Wells
a8c8feeb3e redid final styling touches 2026-03-31 21:19:36 -04:00
Gregory Wells
939a55c44b finish styling for change password page 2026-03-31 21:15:26 -04:00
8 changed files with 218 additions and 88 deletions
Expand all files Collapse all files

35
src/main/ldap.go
View File

@@ -133,6 +133,41 @@ func modifyLDAPAttribute(server *LDAPServer, userDN string, attribute string, da
return nil return nil
} }
func changeLDAPPassword(server *LDAPServer, userDN, oldPassword, newPassword string) error {
logging.Infof("Changing LDAP password for %s", userDN)
if server == nil || server.Connection == nil {
return fmt.Errorf("LDAP connection not initialized")
}
// Ensure connection is alive
if server.Connection.IsClosing() {
if err := reconnectToLDAPServer(server); err != nil {
return err
}
}
// Bind as the user (required for FreeIPA self-password change)
err := server.Connection.Bind(userDN, oldPassword)
if err != nil {
logging.Errorf("Failed to bind as user: %s", err.Error())
return err
}
// Perform password modify extended operation
_, err = server.Connection.PasswordModify(&ldap.PasswordModifyRequest{
UserIdentity: userDN,
OldPassword: oldPassword,
NewPassword: newPassword,
})
if err != nil {
logging.Errorf("Password modify failed: %s", err.Error())
return err
}
logging.Infof("Password successfully changed for %s", userDN)
return nil
}
func closeLDAPServer(server *LDAPServer) { func closeLDAPServer(server *LDAPServer) {
if server != nil && server.Connection != nil { if server != nil && server.Connection != nil {
logging.Debug("Closing connection to LDAP server") logging.Debug("Closing connection to LDAP server")

91
src/main/main.go
View File

@@ -309,46 +309,62 @@ func cleanupSessions() {
} }
} }
// func changePasswordHandler(w http.ResponseWriter, r *http.Request) { func changePasswordHandler(w http.ResponseWriter, r *http.Request) {
// exist, sessionData := validateSession(r) w.Header().Set("Content-Type", "application/json")
// if !exist {
// http.Redirect(w, r, "/login", http.StatusSeeOther)
// return
// }
// err := r.ParseMultipartForm(10 << 20) // 10MB limit
// if err != nil {
// http.Error(w, "Bad request", http.StatusBadRequest)
// return
// }
// if r.FormValue("csrf_token") != sessionData.CSRFToken { exist, sessionData := validateSession(r)
// http.Error(w, "CSRF Forbidden", http.StatusForbidden) if !exist {
// return w.WriteHeader(http.StatusUnauthorized)
// } w.Write([]byte(`{"success": false, "error": "Not authenticated"}`))
return
}
// file, header, err := r.FormFile("photo") err := r.ParseMultipartForm(10 << 20)
// if err != nil { if err != nil {
// http.Error(w, "File not found", http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
// return w.Write([]byte(`{"success": false, "error": "Bad request"}`))
// } return
// defer file.Close() }
// if header.Size > (10 * 1024 * 1024) {
// http.Error(w, "File is to large (limit is 10 MB)", http.StatusBadRequest)
// return
// }
// // 3. Read file into memory if r.FormValue("csrf_token") != sessionData.CSRFToken {
// data, err := io.ReadAll(file) w.WriteHeader(http.StatusForbidden)
// if err != nil { w.Write([]byte(`{"success": false, "error": "CSRF Forbidden"}`))
// http.Error(w, "Failed to read file", http.StatusInternalServerError) return
// return }
// }
// userDN := fmt.Sprintf("uid=%s,cn=users,cn=accounts,%s", sessionData.data.Username, serverConfig.LDAPConfig.BaseDN) oldPassword := r.FormValue("old_password")
// ldapServerMutex.Lock() newPassword := r.FormValue("new_password")
// defer ldapServerMutex.Unlock() newPasswordRepeat := r.FormValue("new_password_repeat")
// modifyLDAPAttribute(ldapServer, userDN, "jpegphoto", []string{string(data)})
// createUserPhoto(sessionData.data.Username, data) if newPassword != newPasswordRepeat {
// } w.WriteHeader(http.StatusBadRequest)
w.Write([]byte(`{"success": false, "error": "Passwords do not match"}`))
return
}
userDN := fmt.Sprintf(
"uid=%s,cn=users,cn=accounts,%s",
sessionData.data.Username,
serverConfig.LDAPConfig.BaseDN,
)
err = changeLDAPPassword(ldapServer, userDN, oldPassword, newPassword)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
if strings.Contains(err.Error(), "Invalid Credentials") {
w.Write([]byte(`{"success": false, "error": "Current password incorrect"}`))
} else if strings.Contains(err.Error(), "Too soon to change password") {
w.Write([]byte(`{"success": false, "error": "Too soon to change password"}`))
} else {
w.Write([]byte(`{"success": false, "error": "Internal error"}`))
}
return
}
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"success": true}`))
}
func main() { func main() {
logging.Info("Starting the server") logging.Info("Starting the server")
@@ -380,6 +396,7 @@ func main() {
HandleFunc("/avatar", avatarHandler) HandleFunc("/avatar", avatarHandler)
HandleFunc("/change-photo", uploadPhotoHandler) HandleFunc("/change-photo", uploadPhotoHandler)
HandleFunc("/change-password", changePasswordHandler)
HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/profile", http.StatusFound) // 302 redirect http.Redirect(w, r, "/profile", http.StatusFound) // 302 redirect

4
src/pages/login_page.html
View File

@@ -22,12 +22,12 @@
</div> </div>
<div> <div>
<label class="login_text">Username</label><br /> <label class="input_label">Username</label><br />
<input type="text" name="username" placeholder="" required /> <input type="text" name="username" placeholder="" required />
</div> </div>
<div> <div>
<label class="login_text">Password</label><br /> <label class="input_label">Password</label><br />
<input type="password" name="password" placeholder="" required /> <input type="password" name="password" placeholder="" required />
</div> </div>
<button type="submit">Login</button> <button type="submit">Login</button>

110
src/pages/profile_page.html
View File

@@ -12,7 +12,11 @@
<div id="popup_background" class="blocked hidden"></div> <div id="popup_background" class="blocked hidden"></div>
<div id="change_password_dialouge" class="hidden card"> <div id="change_password_dialogue" class="hidden card static_center">
Change Password
<button id="close_password_dialogue">X</button>
<div id="password_error" class="error hidden"> <div id="password_error" class="error hidden">
<div id="password_text"></div> <div id="password_text"></div>
<button id="password_error_close_button" class="close_error_button"> <button id="password_error_close_button" class="close_error_button">
@@ -20,20 +24,39 @@
</button> </button>
</div> </div>
<div>
<label class="input_label">Current password</label><br />
<input <input
type="password" type="password"
id="current_password" id="current_password"
placeholder="Current Password" name="current_password"
placeholder=""
required
/> />
<br /> </div>
<input type="password" id="new_password" placeholder="New Password" />
<br /> <div>
<label class="input_label">New password</label><br />
<input
type="password"
id="new_password"
name="new_password"
placeholder=""
required
/>
</div>
<div>
<label class="input_label">New password (repeat)</label><br />
<input <input
type="password" type="password"
id="new_password_repeat" id="new_password_repeat"
placeholder="New Password(repeat)" name="new_password_repeat"
placeholder=""
required
/> />
<br /> </div>
<button id="final_change_password_button">Change Password</button> <button id="final_change_password_button">Change Password</button>
</div> </div>
@@ -119,7 +142,7 @@
popup_botton.addEventListener("click", () => { popup_botton.addEventListener("click", () => {
document.getElementById("popup_background").classList.remove("hidden"); document.getElementById("popup_background").classList.remove("hidden");
document document
.getElementById("change_password_dialouge") .getElementById("change_password_dialogue")
.classList.remove("hidden"); .classList.remove("hidden");
}); });
</script> </script>
@@ -137,43 +160,69 @@
} }
changePasswordButton.addEventListener("click", () => { changePasswordButton.addEventListener("click", () => {
if (document.getElementById("current_password").value == "") { if (document.getElementById("current_password").value === "") {
displayError("Please enter current password"); displayError("Please enter current password");
return; return;
} }
if ( if (document.getElementById("new_password").value === "") {
document.getElementById("new_password").value !=
document.getElementById("new_password_repeat").value
) {
displayError("New password and new password repeat do not match");
return;
}
if (document.getElementById("new_password").value == "") {
document
.getElementById("password_error")
.classList.remove("hidden");
displayError("No value for new password"); displayError("No value for new password");
return; return;
} }
if (document.getElementById("new_password_repeat").value == "") { if (document.getElementById("new_password_repeat").value === "") {
displayError("Please repeat new password"); displayError("Please repeat new password");
return; return;
} }
if (
document.getElementById("new_password").value !==
document.getElementById("new_password_repeat").value
) {
displayError("New password and new password repeat do not match");
return;
}
const formData = new FormData(); const formData = new FormData();
formData.append( formData.append(
"csrf_token", "csrf_token",
document.getElementById("csrf_token_storage").value, document.getElementById("csrf_token_storage").value,
); );
formData.append("old", file); formData.append(
"old_password",
document.getElementById("current_password").value,
);
formData.append(
"new_password",
document.getElementById("new_password").value,
);
formData.append(
"new_password_repeat",
document.getElementById("new_password_repeat").value,
);
fetch("/change-password", {
method: "POST",
body: formData,
})
.then(async (res) => {
const data = await res.json();
if (!res.ok) {
throw new Error(data.error || "Request failed");
}
return data;
})
.then((data) => {
document document
.getElementById("change_password_dialouge") .getElementById("change_password_dialogue")
.classList.add("hidden"); .classList.add("hidden");
document.getElementById("popup_background").classList.add("hidden"); document
.getElementById("popup_background")
.classList.add("hidden");
})
.catch((err) => {
displayError(err.message);
});
}); });
</script> </script>
@@ -216,4 +265,15 @@
}); });
</script> </script>
<script type="text/javascript">
document
.getElementById("close_password_dialogue")
.addEventListener("click", () => {
document
.getElementById("change_password_dialogue")
.classList.add("hidden");
document.getElementById("popup_background").classList.add("hidden");
});
</script>
<script src="/static/error/error.js" type="text/javascript"></script> <script src="/static/error/error.js" type="text/javascript"></script>

11
static/card.css
View File

@@ -10,4 +10,15 @@
padding: 2.5rem; padding: 2.5rem;
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.03); box-shadow: 0 4px 15px rgba(0, 0, 0, 0.03);
transition: transform 0.2s ease; transition: transform 0.2s ease;
display: flex;
flex-direction: column;
gap: 15px;
}
.static_center {
position: fixed;
left: 50%;
top: 50%;
transform: translateX(-50%) translateY(-50%);
} }

12
static/login_page.css
View File

@@ -6,11 +6,6 @@
} }
#login_card { #login_card {
/* The Magic Three */
display: flex;
flex-direction: column; /* Stack vertically */
gap: 15px; /* Space between inputs */
position: fixed; position: fixed;
top: 50%; top: 50%;
left: 50%; left: 50%;
@@ -40,13 +35,6 @@
flex: 2; flex: 2;
} }
.login_text {
color: var(--text-muted);
margin: 0;
padding: 0;
font-size: 15px;
}
#welcome_text { #welcome_text {
font-weight: 700; font-weight: 700;
font-size: 1.25rem; font-size: 1.25rem;

14
static/profile_page.css
View File

@@ -33,6 +33,8 @@
max-width: 500px; max-width: 500px;
text-align: center; text-align: center;
gap: 0px !important;
position: fixed; position: fixed;
left: 50%; left: 50%;
top: 50%; top: 50%;
@@ -116,7 +118,17 @@
font-size: 20px; font-size: 20px;
} }
#change_password_dialouge { #change_password_dialogue {
z-index: 10000; z-index: 10000;
position: fixed; position: fixed;
} }
#change_password_dialogue input {
width: 350px;
}
#close_password_dialogue {
width: fit-content;
position: absolute;
right: 2.5rem;
}

9
static/style.css
View File

@@ -51,8 +51,15 @@ input::placeholder {
color: var(--text-muted); color: var(--text-muted);
} }
.input_label {
color: var(--text-muted);
margin: 0;
padding: 0;
font-size: 15px;
}
.hidden { .hidden {
display: none; display: none !important;
} }
.blocked { .blocked {