wip-feat: authenticates with LDAP
This commit is contained in:
10
.env.dist
10
.env.dist
@@ -10,3 +10,13 @@ MERCURE_JWT_SECRET="%%mercure_jwt_secret%%"
|
|||||||
JELLYFIN_URL=%%jellyfin_url%%
|
JELLYFIN_URL=%%jellyfin_url%%
|
||||||
JELLYFIN_TOKEN=%%jellyfin_token%%
|
JELLYFIN_TOKEN=%%jellyfin_token%%
|
||||||
REDIS_HOST="%%redis_host%%"
|
REDIS_HOST="%%redis_host%%"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
LDAP_HOST=
|
||||||
|
LDAP_PORT=
|
||||||
|
LDAP_ENCRYPTION=
|
||||||
|
LDAP_BASE_DN=
|
||||||
|
LDAP_BIND_USER=
|
||||||
|
LDAP_BIND_PASS=
|
||||||
|
LDAP_DN_STRING=
|
||||||
|
|||||||
@@ -1,4 +1,10 @@
|
|||||||
FROM registry.caldwell.digital/library/php:8.4-apache
|
FROM registry.caldwell.digital/library/php:8.4-apache
|
||||||
|
|
||||||
|
RUN apt-get update && \
|
||||||
|
apt-get install libldap2-dev -y && \
|
||||||
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
|
docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
|
||||||
|
docker-php-ext-install ldap
|
||||||
|
|
||||||
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
|
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
|
||||||
RUN rm /etc/apache2/sites-enabled/000-default.conf
|
RUN rm /etc/apache2/sites-enabled/000-default.conf
|
||||||
|
|||||||
@@ -1,5 +1,11 @@
|
|||||||
FROM registry.caldwell.digital/library/php:8.4-apache
|
FROM registry.caldwell.digital/library/php:8.4-apache
|
||||||
|
|
||||||
|
RUN apt-get update && \
|
||||||
|
apt-get install libldap2-dev -y && \
|
||||||
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
|
docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
|
||||||
|
docker-php-ext-install ldap
|
||||||
|
|
||||||
COPY --chown=www-data:www-data . /var/www
|
COPY --chown=www-data:www-data . /var/www
|
||||||
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
|
COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf
|
||||||
RUN rm /etc/apache2/sites-enabled/000-default.conf
|
RUN rm /etc/apache2/sites-enabled/000-default.conf
|
||||||
|
|||||||
@@ -29,6 +29,7 @@
|
|||||||
"symfony/flex": "^2",
|
"symfony/flex": "^2",
|
||||||
"symfony/form": "7.2.*",
|
"symfony/form": "7.2.*",
|
||||||
"symfony/framework-bundle": "7.2.*",
|
"symfony/framework-bundle": "7.2.*",
|
||||||
|
"symfony/ldap": "7.2.*",
|
||||||
"symfony/mercure-bundle": "^0.3.9",
|
"symfony/mercure-bundle": "^0.3.9",
|
||||||
"symfony/messenger": "7.2.*",
|
"symfony/messenger": "7.2.*",
|
||||||
"symfony/runtime": "7.2.*",
|
"symfony/runtime": "7.2.*",
|
||||||
|
|||||||
77
composer.lock
generated
77
composer.lock
generated
@@ -4,7 +4,7 @@
|
|||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "7e29123297e1ac72cd417967d2a761b4",
|
"content-hash": "c179718ee29dbe018b93ea7d46764931",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "1tomany/rich-bundle",
|
"name": "1tomany/rich-bundle",
|
||||||
@@ -5082,6 +5082,81 @@
|
|||||||
],
|
],
|
||||||
"time": "2025-05-02T09:04:03+00:00"
|
"time": "2025-05-02T09:04:03+00:00"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "symfony/ldap",
|
||||||
|
"version": "v7.2.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/symfony/ldap.git",
|
||||||
|
"reference": "48013cfa9d394343162dae7da914112a6206b575"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/symfony/ldap/zipball/48013cfa9d394343162dae7da914112a6206b575",
|
||||||
|
"reference": "48013cfa9d394343162dae7da914112a6206b575",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"ext-ldap": "*",
|
||||||
|
"php": ">=8.2",
|
||||||
|
"symfony/options-resolver": "^6.4|^7.0"
|
||||||
|
},
|
||||||
|
"conflict": {
|
||||||
|
"symfony/options-resolver": "<6.4",
|
||||||
|
"symfony/security-core": "<6.4"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"symfony/security-core": "^6.4|^7.0",
|
||||||
|
"symfony/security-http": "^6.4|^7.0"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"Symfony\\Component\\Ldap\\": ""
|
||||||
|
},
|
||||||
|
"exclude-from-classmap": [
|
||||||
|
"/Tests/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Charles Sarrazin",
|
||||||
|
"email": "charles@sarraz.in"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Symfony Community",
|
||||||
|
"homepage": "https://symfony.com/contributors"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Provides a LDAP client for PHP on top of PHP's ldap extension",
|
||||||
|
"homepage": "https://symfony.com",
|
||||||
|
"keywords": [
|
||||||
|
"active-directory",
|
||||||
|
"ldap"
|
||||||
|
],
|
||||||
|
"support": {
|
||||||
|
"source": "https://github.com/symfony/ldap/tree/v7.2.0"
|
||||||
|
},
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://symfony.com/sponsor",
|
||||||
|
"type": "custom"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://github.com/fabpot",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
|
||||||
|
"type": "tidelift"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"time": "2024-11-25T15:21:05+00:00"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "symfony/mercure",
|
"name": "symfony/mercure",
|
||||||
"version": "v0.6.5",
|
"version": "v0.6.5",
|
||||||
|
|||||||
@@ -10,19 +10,36 @@ security:
|
|||||||
class: App\User\Framework\Entity\User
|
class: App\User\Framework\Entity\User
|
||||||
property: email
|
property: email
|
||||||
|
|
||||||
|
app_ldap_provider:
|
||||||
|
ldap:
|
||||||
|
service: Symfony\Component\Ldap\Ldap
|
||||||
|
base_dn: '%env(LDAP_BASE_DN)%'
|
||||||
|
search_dn: '%env(LDAP_BIND_USER)%'
|
||||||
|
search_password: '%env(LDAP_BIND_PASS)%'
|
||||||
|
default_roles: ROLE_USER
|
||||||
|
uid_key: uid
|
||||||
|
extra_fields: ['mail', 'cn', 'givenname', 'sn', 'displayname', 'initials']
|
||||||
|
|
||||||
|
|
||||||
firewalls:
|
firewalls:
|
||||||
dev:
|
dev:
|
||||||
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
||||||
security: false
|
security: false
|
||||||
main:
|
main:
|
||||||
lazy: true
|
lazy: true
|
||||||
provider: app_user_provider
|
provider: app_ldap_provider
|
||||||
form_login:
|
# form_login:
|
||||||
|
# login_path: app_login
|
||||||
|
# check_path: app_login
|
||||||
|
# enable_csrf: true
|
||||||
|
logout:
|
||||||
|
path: app_logout
|
||||||
|
form_login_ldap:
|
||||||
login_path: app_login
|
login_path: app_login
|
||||||
check_path: app_login
|
check_path: app_login
|
||||||
enable_csrf: true
|
enable_csrf: true
|
||||||
logout:
|
service: Symfony\Component\Ldap\Ldap
|
||||||
path: app_logout
|
dn_string: '%env(LDAP_DN_STRING)%'
|
||||||
# where to redirect after logout
|
# where to redirect after logout
|
||||||
# target: app_any_route
|
# target: app_any_route
|
||||||
|
|
||||||
|
|||||||
@@ -28,6 +28,22 @@ services:
|
|||||||
# please note that last definitions always *replace* previous ones
|
# please note that last definitions always *replace* previous ones
|
||||||
App\Download\Downloader\DownloaderInterface: "@App\\Download\\Downloader\\ProcessDownloader"
|
App\Download\Downloader\DownloaderInterface: "@App\\Download\\Downloader\\ProcessDownloader"
|
||||||
|
|
||||||
|
# Session
|
||||||
Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler:
|
Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler:
|
||||||
arguments:
|
arguments:
|
||||||
- '%env(DATABASE_URL)%'
|
- '%env(DATABASE_URL)%'
|
||||||
|
|
||||||
|
# LDAP
|
||||||
|
Symfony\Component\Ldap\Ldap:
|
||||||
|
arguments: [ '@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter' ]
|
||||||
|
tags:
|
||||||
|
- ldap
|
||||||
|
|
||||||
|
Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
|
||||||
|
arguments:
|
||||||
|
- host: '%env(LDAP_HOST)%'
|
||||||
|
port: '%env(LDAP_PORT)%'
|
||||||
|
encryption: '%env(LDAP_ENCRYPTION)%'
|
||||||
|
options:
|
||||||
|
protocol_version: 3
|
||||||
|
referrals: false
|
||||||
|
|||||||
@@ -18,6 +18,7 @@ final class IndexController extends AbstractController
|
|||||||
#[Route('/', name: 'app_index')]
|
#[Route('/', name: 'app_index')]
|
||||||
public function index(): Response
|
public function index(): Response
|
||||||
{
|
{
|
||||||
|
dd($this->getUser());
|
||||||
return $this->render('index/index.html.twig', [
|
return $this->render('index/index.html.twig', [
|
||||||
'active_downloads' => $this->downloadRepository->getActivePaginated(),
|
'active_downloads' => $this->downloadRepository->getActivePaginated(),
|
||||||
'recent_downloads' => $this->downloadRepository->latest(5),
|
'recent_downloads' => $this->downloadRepository->latest(5),
|
||||||
|
|||||||
@@ -17,8 +17,8 @@
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
<label for="username" class="mb-2 flex flex-col">
|
<label for="username" class="mb-2 flex flex-col">
|
||||||
Email
|
User
|
||||||
<input type="email"
|
<input type=""
|
||||||
value="{{ last_username }}"
|
value="{{ last_username }}"
|
||||||
name="_username"
|
name="_username"
|
||||||
id="username"
|
id="username"
|
||||||
|
|||||||
Reference in New Issue
Block a user