muldap/cmd/user/pw.go

package user

import (
	"fmt"
	"log"

	"github.com/spf13/cobra"
	"github.com/spf13/viper"
	ldap "github.com/go-ldap/ldap/v3"

	cli "git.metaunix.net/metaunix.net/muldap/lib/cli"
)

func init() {
	// define user delete subcommand flags
	userPwCmd.Flags().StringP("base_ou", "o", "", "LDAP OU where your user entries are stored")
	userPwCmd.Flags().StringP("uid_attribute", "a", "uid", "LDAP DN attribute for users")
	userPwCmd.Flags().StringVarP(&flagUserUsername, "username", "u", "", "Username of user to delete")
	// bind config file values to user delete flags
	viper.BindPFlag("user.base_ou", userPwCmd.Flags().Lookup("base_ou"))
	viper.BindPFlag("user.uid_attr", userPwCmd.Flags().Lookup("uid_attribute"))
}

// define user password subcommand
var userPwCmd = &cobra.Command{
	Use:   "pw",
	Short: "Set an LDAP user's password",
	Long:  "Prompts you for a password to use to set an LDAP user's password",
	Run: func(cmd *cobra.Command, args []string) {
		// create new LDAP connection
		l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", viper.GetString("host"), viper.GetInt("port")))
		if err != nil {
			log.Fatal(err)
		}
		defer l.Close()

		// bind as the admin user
		err = l.Bind(viper.GetString("bind_dn"), viper.GetString("bind_pw"))
		if err != nil {
			log.Fatal(err)
		}

		// get password from user
		userPw, pwErr := cli.GetUserInput("New user password", true)

		if pwErr != nil {
			log.Fatal(pwErr)
		}

		// set up user DN
		userDn := fmt.Sprintf("%s=%s,%s", viper.GetString("user.uid_attr"), flagUserUsername, viper.GetString("user.base_ou"))

		// create new password modify request
		passwordModifyRequest := ldap.NewPasswordModifyRequest(userDn, "", userPw)

		// perform password change operation
		_, err = l.PasswordModify(passwordModifyRequest)
		if err != nil {
			log.Fatalf("Password could not be changed: %s", err.Error())
		}
	},
}