make ldap searched parameters configurable

api/login.go

@@ -53,7 +53,7 @@ func ldapAuthentication(auth, password string) (error, models.User) {
 		util.Config.LdapSearchDN,
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
 		fmt.Sprintf(util.Config.LdapSearchFilter, auth),
-		[]string{"dn"},
+		[]string{util.Config.LdapMappings.DN},
 		nil,
 	)
 
@@ -78,7 +78,7 @@ func ldapAuthentication(auth, password string) (error, models.User) {
 		util.Config.LdapSearchDN,
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
 		fmt.Sprintf(util.Config.LdapSearchFilter, auth),
-		[]string{"dn", "mail", "uid", "cn"},
+		[]string{util.Config.LdapMappings.DN, util.Config.LdapMappings.Mail, util.Config.LdapMappings.Uid, util.Config.LdapMappings.CN},
 		nil,
 	)
 
@@ -88,10 +88,10 @@ func ldapAuthentication(auth, password string) (error, models.User) {
 	}
 
 	ldapUser := models.User{
-		Username: sr.Entries[0].GetAttributeValue("uid"),
+		Username: sr.Entries[0].GetAttributeValue(util.Config.LdapMappings.Uid),
 		Created:  time.Now(),
-		Name:     sr.Entries[0].GetAttributeValue("cn"),
-		Email:    sr.Entries[0].GetAttributeValue("mail"),
+		Name:     sr.Entries[0].GetAttributeValue(util.Config.LdapMappings.CN),
+		Email:    sr.Entries[0].GetAttributeValue(util.Config.LdapMappings.Mail),
 		External: true,
 		Alert:    false,
 	}

util/config.go

@@ -26,6 +26,13 @@ type mySQLConfig struct {
 	DbName   string `json:"name"`
 }
 
+type ldapMappings struct {
+	DN   string `json:"dn"`
+	Mail string `json:"mail"`
+	Uid  string `json:"uid"`
+	CN   string `json:"cn"`
+}
+
 type configType struct {
 	MySQL mySQLConfig `json:"mysql"`
 	// Format `:port_num` eg, :3000
@@ -49,13 +56,14 @@ type configType struct {
 	WebHost string `json:"web_host"`
 
 	//ldap settings
-	LdapEnable       bool   `json:"ldap_enable"`
-	LdapBindDN       string `json:"ldap_binddn"`
-	LdapBindPassword string `json:"ldap_bindpassword"`
-	LdapServer       string `json:"ldap_server"`
-	LdapNeedTLS      bool   `json:"ldap_needtls"`
-	LdapSearchDN     string `json:"ldap_searchdn"`
-	LdapSearchFilter string `json:"ldap_searchfilter"`
+	LdapEnable       bool         `json:"ldap_enable"`
+	LdapBindDN       string       `json:"ldap_binddn"`
+	LdapBindPassword string       `json:"ldap_bindpassword"`
+	LdapServer       string       `json:"ldap_server"`
+	LdapNeedTLS      bool         `json:"ldap_needtls"`
+	LdapSearchDN     string       `json:"ldap_searchdn"`
+	LdapSearchFilter string       `json:"ldap_searchfilter"`
+	LdapMappings     ldapMappings `json:"ldap_mappings"`
 
 	//telegram alerting
 	TelegramAlert bool   `json:"telegram_alert"`
@@ -271,7 +279,7 @@ func (conf *configType) Scan() {
 	}
 
 	var LdapAnswer string
-	fmt.Print(" > Enable LDAP authentificaton (y/n, default n): ")
+	fmt.Print(" > Enable LDAP authentication (y/n, default n): ")
 	fmt.Scanln(&LdapAnswer)
 	if LdapAnswer == "yes" || LdapAnswer == "y" {
 
@@ -321,6 +329,34 @@ func (conf *configType) Scan() {
 			conf.LdapSearchFilter = "(uid=%s)"
 		}
 
+		fmt.Print(" > LDAP mapping for DN field (default dn): ")
+		fmt.Scanln(&conf.LdapMappings.DN)
+
+		if len(conf.LdapMappings.DN) == 0 {
+			conf.LdapMappings.DN = "dn"
+		}
+
+		fmt.Print(" > LDAP mapping for username field (default uid): ")
+		fmt.Scanln(&conf.LdapMappings.Uid)
+
+		if len(conf.LdapMappings.Uid) == 0 {
+			conf.LdapMappings.Uid = "uid"
+		}
+
+		fmt.Print(" > LDAP mapping for full name field (default cn): ")
+		fmt.Scanln(&conf.LdapMappings.CN)
+
+		if len(conf.LdapMappings.CN) == 0 {
+			conf.LdapMappings.CN = "cn"
+		}
+
+		fmt.Print(" > LDAP mapping for email field (default mail): ")
+		fmt.Scanln(&conf.LdapMappings.Mail)
+
+		if len(conf.LdapMappings.Mail) == 0 {
+			conf.LdapMappings.Mail = "mail"
+		}
+
 	} else {
 		conf.LdapEnable = false
 	}