(userDN string)
| 186 | } |
| 187 | |
// GetLdapUser returns the LDAP group membership for userDN. A cached entry is
// served while it has not expired; otherwise the groups are fetched from the
// LDAP service and stored in the cache with a lifetime of LDAPGroupsCacheTTL
// seconds.
//
// An error is returned when the LDAP service is not configured or when the
// group lookup fails. A failed lookup does not modify the cache.
//
// NOTE(review): the groups returned here can be as old as the cache TTL, so a
// membership removed in the directory stays visible until the entry expires.
// If callers base access decisions on Groups, the TTL is the revocation delay;
// confirm against the callers and the configured value.
// NOTE(review): this method never deletes expired entries; an entry is only
// overwritten by the next successful lookup for the same DN. Confirm the cache
// is pruned or bounded elsewhere.
// NOTE(review): the cached Groups value is handed out as stored; presumably a
// slice, in which case callers must treat it as read-only. Verify.
func (auth *AuthService) GetLdapUser(userDN string) (config.LdapUser, error) {
	if !auth.ldap.IsConfigured() {
		return config.LdapUser{}, errors.New("LDAP service not initialized")
	}

	// The read lock covers only the map lookup; it is released before the
	// expiry check and before any LDAP query, so concurrent misses for the
	// same DN may each query LDAP and the last writer wins.
	auth.ldapGroupsMutex.RLock()
	cached, found := auth.ldapGroupsCache[userDN]
	auth.ldapGroupsMutex.RUnlock()

	if found && time.Now().Before(cached.Expires) {
		return config.LdapUser{DN: userDN, Groups: cached.Groups}, nil
	}

	// Cache miss or expired entry: ask the LDAP service.
	memberOf, err := auth.ldap.GetUserGroups(userDN)
	if err != nil {
		return config.LdapUser{}, err
	}

	// The expiry is computed while holding the write lock, as in the original.
	auth.ldapGroupsMutex.Lock()
	auth.ldapGroupsCache[userDN] = &LdapGroupsCache{
		Groups:  memberOf,
		Expires: time.Now().Add(time.Duration(auth.config.LDAPGroupsCacheTTL) * time.Second),
	}
	auth.ldapGroupsMutex.Unlock()

	return config.LdapUser{DN: userDN, Groups: memberOf}, nil
}
| 222 | |
| 223 | func (auth *AuthService) CheckPassword(user config.User, password string) bool { |
| 224 | return bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil |