REST auth/user/password backend¶
LL::NG Portal provides REST end points for auth/user/password:
POST /proxy/pwdConfirm: check password
POST /proxy/getUser: get user data
POST /proxy/pwdReset: update password
These end points can be used to connect another LemonLDAP::NG server using REST authentication backend.
API¶
Password confirm¶
POST a JSON structure with user
and password
.
It will return a JSON structure with result
parameter (true
or false
).
Request:
curl -H "Accept: application/json" -d '{"user":"dwho","password":"dwho"}' https://auth.example.com/proxy/pwdConfirm
Response:
{"result":true}
Get user data¶
POST a JSON structure with user
.
It will return a JSON structure with result
and info
parameters.
Request:
curl -H "Accept: application/json" -d '{"user":"rtyler"}' https://auth.example.com/proxy/getUser
Response:
{"info":{"_utime":1651055131,"hGroups":{"users":{"name":"users"},"earthlings":{"name":"earthlings"}},"ipAddr":"127.0.0.1","_auth":"Demo","_url":null,"uid":"rtyler","mail":"rtyler@badwolf.org","_userDB":"Demo","_startTime":"20220427122531","UA":"curl/7.68.0","cn":"Rose Tyler","_user":"rtyler","_language":"en","groups":"users; earthlings","_whatToTrace":"rtyler"},"result":true}
Update password¶
POST a JSON structure with user
or mail
and password
.
It will return a JSON structure with result
parameter.
Request:
curl -H "Accept: application/json" -d '{"user":"rtyler","password":"secret"}' https://auth.example.com/proxy/pwdReset
Response:
{"result":true}
Setup¶
Manager¶
First, activate REST in General parameters
» Plugins
»
Portal servers
» REST authentication server
and REST password reset server
.
Apache¶
REST end points access must be allowed in Apache portal configuration (for example, access by IP range):
# REST/SOAP functions for proxy auth and password reset (disabled by default)
<Location /index.fcgi/proxy>
Require ip 192.168.2.0/24
</Location>