wip-feat: authenticates with LDAP

2025-05-10 08:48:12 -05:00
parent e325687af5
commit 6e55195e6f
9 changed files with 139 additions and 7 deletions


@@ -10,3 +10,13 @@ MERCURE_JWT_SECRET="%%mercure_jwt_secret%%"
JELLYFIN_URL=%%jellyfin_url%%
JELLYFIN_TOKEN=%%jellyfin_token%%
REDIS_HOST="%%redis_host%%"
LDAP_HOST=
LDAP_PORT=
LDAP_ENCRYPTION=
LDAP_BASE_DN=
LDAP_BIND_USER=
LDAP_BIND_PASS=
LDAP_DN_STRING=
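Review bot: `LDAP_ENCRYPTION=` is left empty and undocumented here, and the adapter definition in the services file passes it straight through as `encryption: '%env(LDAP_ENCRYPTION)%'`. Symfony's ExtLdap connection accepts only `none`, `ssl` or `tls` for that option, so an empty value should be rejected when the connection is configured, and `none` would send both the `LDAP_BIND_PASS` service credential and every user's login password unencrypted. I would add a comment above the key, `# ssl (LDAPS) or tls (StartTLS); never none outside a local test directory`, and ship the template with `LDAP_ENCRYPTION=ssl`. The other keys in this file use `%%name%%` placeholders, so if the deploy step substitutes those, the LDAP keys probably need matching placeholders too.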


@@ -1,4 +1,10 @@
FROM registry.caldwell.digital/library/php:8.4-apache
RUN apt-get update && \
apt-get install libldap2-dev -y && \
rm -rf /var/lib/apt/lists/* && \
docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
docker-php-ext-install ldap
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
RUN rm /etc/apache2/sites-enabled/000-default.conf
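Review bot: The `--with-libdir=lib/x86_64-linux-gnu/` argument in the new `RUN` step hard-codes the amd64 multiarch directory, so the same Dockerfile will not find libldap when built for another architecture such as arm64; the identical step in the other Dockerfile in this commit has the same issue. Deriving the directory at build time keeps it portable, e.g. `docker-php-ext-configure ldap --with-libdir="lib/$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"` (assuming `dpkg-architecture` is available in the base image). Adding `--no-install-recommends` to the `apt-get install` line would also limit this layer to the packages the extension needs.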


@@ -1,5 +1,11 @@
FROM registry.caldwell.digital/library/php:8.4-apache
RUN apt-get update && \
apt-get install libldap2-dev -y && \
rm -rf /var/lib/apt/lists/* && \
docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
docker-php-ext-install ldap
COPY --chown=www-data:www-data . /var/www
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
RUN rm /etc/apache2/sites-enabled/000-default.conf


@@ -29,6 +29,7 @@
"symfony/flex": "^2",
"symfony/form": "7.2.*",
"symfony/framework-bundle": "7.2.*",
"symfony/ldap": "7.2.*",
"symfony/mercure-bundle": "^0.3.9",
"symfony/messenger": "7.2.*",
"symfony/runtime": "7.2.*",

77
composer.lock generated

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "7e29123297e1ac72cd417967d2a761b4",
"content-hash": "c179718ee29dbe018b93ea7d46764931",
"packages": [
{
"name": "1tomany/rich-bundle",
@@ -5082,6 +5082,81 @@
],
"time": "2025-05-02T09:04:03+00:00"
},
{
"name": "symfony/ldap",
"version": "v7.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/ldap.git",
"reference": "48013cfa9d394343162dae7da914112a6206b575"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/ldap/zipball/48013cfa9d394343162dae7da914112a6206b575",
"reference": "48013cfa9d394343162dae7da914112a6206b575",
"shasum": ""
},
"require": {
"ext-ldap": "*",
"php": ">=8.2",
"symfony/options-resolver": "^6.4|^7.0"
},
"conflict": {
"symfony/options-resolver": "<6.4",
"symfony/security-core": "<6.4"
},
"require-dev": {
"symfony/security-core": "^6.4|^7.0",
"symfony/security-http": "^6.4|^7.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Ldap\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Charles Sarrazin",
"email": "charles@sarraz.in"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides a LDAP client for PHP on top of PHP's ldap extension",
"homepage": "https://symfony.com",
"keywords": [
"active-directory",
"ldap"
],
"support": {
"source": "https://github.com/symfony/ldap/tree/v7.2.0"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2024-11-25T15:21:05+00:00"
},
{
"name": "symfony/mercure",
"version": "v0.6.5",


@@ -10,19 +10,36 @@ security:
class: App\User\Framework\Entity\User
property: email
app_ldap_provider:
ldap:
service: Symfony\Component\Ldap\Ldap
base_dn: '%env(LDAP_BASE_DN)%'
search_dn: '%env(LDAP_BIND_USER)%'
search_password: '%env(LDAP_BIND_PASS)%'
default_roles: ROLE_USER
uid_key: uid
extra_fields: ['mail', 'cn', 'givenname', 'sn', 'displayname', 'initials']
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
provider: app_user_provider
form_login:
provider: app_ldap_provider
# form_login:
# login_path: app_login
# check_path: app_login
# enable_csrf: true
logout:
path: app_logout
form_login_ldap:
login_path: app_login
check_path: app_login
enable_csrf: true
logout:
path: app_logout
service: Symfony\Component\Ldap\Ldap
dn_string: '%env(LDAP_DN_STRING)%'
# where to redirect after logout
# target: app_any_route
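Review bot: With `provider: app_ldap_provider` and `form_login_ldap`, every directory entry under `LDAP_BASE_DN` that can bind with its own password is logged in with `default_roles: ROLE_USER`; nothing in this section limits access to a group or account type. If the application is not meant for the whole directory, restrict the lookup in the provider, for example `filter: '(&({uid_key}={user_identifier})(memberOf=<GROUP_DN_PLACEHOLDER>))'` (whether `memberOf` exists depends on the directory server). The bind DN comes entirely from `dn_string: '%env(LDAP_DN_STRING)%'`, which is empty in the env template, so it is also worth documenting that the value must contain the `{user_identifier}` placeholder; otherwise the bind does not depend on the submitted username. The rendered section shows old and new lines interleaved, so confirm that only one `logout` block remains under `main`.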


@@ -28,6 +28,22 @@ services:
# please note that last definitions always *replace* previous ones
App\Download\Downloader\DownloaderInterface: "@App\\Download\\Downloader\\ProcessDownloader"
# Session
Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler:
arguments:
- '%env(DATABASE_URL)%'
# LDAP
Symfony\Component\Ldap\Ldap:
arguments: [ '@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter' ]
tags:
- ldap
Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
arguments:
- host: '%env(LDAP_HOST)%'
port: '%env(LDAP_PORT)%'
encryption: '%env(LDAP_ENCRYPTION)%'
options:
protocol_version: 3
referrals: false


@@ -18,6 +18,7 @@ final class IndexController extends AbstractController
#[Route('/', name: 'app_index')]
public function index(): Response
{
dd($this->getUser());
return $this->render('index/index.html.twig', [
'active_downloads' => $this->downloadRepository->getActivePaginated(),
'recent_downloads' => $this->downloadRepository->latest(5),
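Review bot: The added `dd($this->getUser());` at the top of `index()` stops the request and prints the full user object to whoever loads `/`, so the `render()` call below it never runs. For an LDAP user that dump would include the attributes listed in `extra_fields`, and in an environment where the dumper is not installed the call would be a fatal error instead. Remove the line before this leaves WIP; if the value is needed while debugging, log only the user identifier at debug level through an injected logger rather than writing the object to the response. The body of `index()` continues past the end of the hunk.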


@@ -17,8 +17,8 @@
{% endif %}
<label for="username" class="mb-2 flex flex-col">
Email
<input type="email"
User
<input type=""
value="{{ last_username }}"
name="_username"
id="username"