dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e55a4868d3
lemonldap-ng/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/PasswordDBLDAP.pm

136 lines
4.0 KiB
Perl
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

##@file
# LDAP password backend file
##@class
# LDAP password backend class
package Lemonldap::NG::Portal::PasswordDBLDAP;
use Lemonldap::NG::Portal::Simple;
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
our $VERSION = '0.2';
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
## @apmethod int apasswordDBInit()
# Load Net::LDAP::Control::PasswordPolicy if needed
# @return Lemonldap::NG::Portal constant
sub passwordDBInit {
my $self = shift;
if ( $self->{ldapPpolicyControl} and not $self->ldap->loadPP()) {
return PE_LDAPERROR;
}
PE_OK;
}
## @apmethod int modifyPassword()
# Modify the password by LDAP mechanism.
# @return Lemonldap::NG::Portal constant
sub modifyPassword {
my $self = shift;
# Exit method if no password change requested
return PE_OK unless ( $self->{newpassword} );
unless ( $self->ldap ) {
return PE_LDAPCONNECTFAILED;
}
# Set the dn unless done before
unless ( $self->{dn} ) {
my $tmp = $self->_subProcess(qw(_formateFilter _search));
return $tmp if ($tmp);
}
$self->lmLog("Modify password request for ".$self->{dn},'debug');
# Call the modify password method
return $self->ldap->userModifyPassword( $self->{dn}, $self->{newpassword}, $self->{confirmpassword}, $self->{oldpassword} );
PE_OK;
}
## @apmethod int resetPasswordByMail()
# Reset the password and send a mail.
# @return Lemonldap::NG::Portal constant
sub resetPasswordByMail {
my $self = shift;
# Exit method if no mail
return PE_OK unless ( $self->{mail} );
unless ( $self->ldap ) {
return PE_LDAPCONNECTFAILED;
}
# Set the dn unless done before
unless ( $self->{dn} ) {
my $tmp = $self->_subProcess(qw(_formateFilter _search));
return $tmp if ($tmp);
}
$self->lmLog("Reset password request for ".$self->{dn},'debug');
# Check the required modules before changing password
eval {require String::Random};
if ($@) {
$self->lmLog("Module String::Random not found in @INC",'error' );
return PE_ERROR;
}
eval {require MIME::Lite};
if ($@) {
$self->lmLog("Module MIME::Lite not found in @INC",'error' );
return PE_ERROR;
}
# Generate a complex password
my $random = new String::Random;
my $password = $random->randregex( $self->{randomPasswordRegexp} );
$self->lmLog("Generated password: ".$password,'debug');
# Call the modify password method
my $pe_error = $self->ldap->userModifyPassword( $self->{dn}, $password, $password );
return $pe_error unless ($pe_error == PE_PASSWORD_OK);
# If Password Policy, set the PwdReset flag
if ( $self->{ldapPpolicyControl} ) {
my $result = $self->ldap->modify( $self->{dn}, replace => { 'pwdReset' => 'TRUE' } );
unless ( $result->code == 0) {
$self->lmLog("LDAP modify pwdReset error: ".$result->code,'error');
return PE_LDAPERROR;
}
$self->lmLog("pwdReset set to TRUE",'debug');
}
# Send new password by mail
$self->{mailBody} =~ s/\$password/$password/g;
$self->{mailBody} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g;
$self->lmLog("SMTP From ".$self->{mailFrom},'debug');
$self->lmLog("SMTP To ".$self->{mail},'debug');
$self->lmLog("SMTP Subject ".$self->{mailSubject},'debug');
$self->lmLog("SMTP Body ".$self->{mailBody},'debug');
eval {
my $message = MIME::Lite->new(
From => $self->{mailFrom},
To => $self->{mail},
Subject => $self->{mailSubject},
Type => "TEXT",
Data => $self->{mailBody},
);
$self->{SMTPServer} ? $message->send("smtp",$self->{SMTPServer}) : $message->send();
};
if ($@) {
$self->lmLog("Send message failed: $@",'error');
return PE_ERROR;
}
PE_PASSWORD_OK;
}
1;
Reference in New Issue View Git Blame Copy Permalink