forked from Nixius/authelia
65 lines
1.7 KiB
Go
65 lines
1.7 KiB
Go
package handlers
|
|
|
|
import (
|
|
"fmt"
|
|
"log"
|
|
"net/http"
|
|
)
|
|
|
|
func (a *App) handleActivateGet(w http.ResponseWriter, r *http.Request) {
|
|
remoteUser := r.Header.Get("Remote-User")
|
|
if remoteUser == "" {
|
|
data := map[string]any{
|
|
"AutheliaURL": a.cfg.AutheliaURL,
|
|
"AppURL": a.cfg.AppURL,
|
|
"NeedLogin": true,
|
|
}
|
|
a.tmpl.ExecuteTemplate(w, "activate.html", data)
|
|
return
|
|
}
|
|
|
|
inGroup, _ := a.ldap.IsInGroup(remoteUser, "customers")
|
|
if inGroup {
|
|
http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
|
|
return
|
|
}
|
|
|
|
data := map[string]any{
|
|
"User": remoteUser,
|
|
"AppURL": a.cfg.AppURL,
|
|
"Ready": true,
|
|
}
|
|
if err := a.tmpl.ExecuteTemplate(w, "activate.html", data); err != nil {
|
|
log.Printf("template error: %v", err)
|
|
http.Error(w, "internal error", http.StatusInternalServerError)
|
|
}
|
|
}
|
|
|
|
func (a *App) handleActivatePost(w http.ResponseWriter, r *http.Request) {
|
|
remoteUser := r.Header.Get("Remote-User")
|
|
if remoteUser == "" {
|
|
http.Error(w, "not authenticated", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
inGroup, _ := a.ldap.IsInGroup(remoteUser, "customers")
|
|
if inGroup {
|
|
http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
|
|
return
|
|
}
|
|
|
|
if err := a.ldap.AddToGroup(remoteUser, "customers"); err != nil {
|
|
log.Printf("activate: group add failed for %s: %v", remoteUser, err)
|
|
http.Error(w, "activation failed, contact support", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
stackName := fmt.Sprintf("customer-%s", remoteUser)
|
|
if err := a.swarm.DeployStack(stackName, remoteUser, a.cfg.TraefikDomain); err != nil {
|
|
log.Printf("activate: stack deploy failed for %s: %v", remoteUser, err)
|
|
}
|
|
|
|
log.Printf("activated user %s: group=customers stack=%s", remoteUser, stackName)
|
|
http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
|
|
}
|