Hand LDAP config to policy from main policy file

Deployments will differ in production. The policy itself just needs the
configs, but should not care where credentials are fetched from.
Râu Cao 2024-06-09 23:15:56 +02:00
parent c2c3ebc2e1
commit 2a675fd135
Signed by: raucao
GPG Key ID: 37036C356E56CC51
2 changed files with 22 additions and 12 deletions


@ -1,22 +1,22 @@
import type { Policy } from 'https://gitlab.com/soapbox-pub/strfry-policies/-/raw/develop/mod.ts';
import { Client } from 'npm:ldapts';
import { load } from "https://deno.land/std@0.224.0/dotenv/mod.ts";
const env = await load({ export: true });
const url = Deno.env.get("LDAP_URL");
const bindDN = Deno.env.get("LDAP_BIND_DN");
const password = Deno.env.get("LDAP_PASSWORD");
const searchDN = Deno.env.get("LDAP_SEARCH_DN");
interface LdapConfig {
url: string;
bindDN: string;
password: string;
searchDN: string;
}
const ldapPolicy: Policy<void> = async (msg) => {
const client = new Client({ url });
const ldapPolicy: Policy<LdapConfig> = async (msg, opts) => {
const client = new Client({ url: opts.url });
const { pubkey, kind, tags } = msg.event;
let out = { id: msg.event.id }
try {
await client.bind(bindDN, password);
await client.bind(opts.bindDN, opts.password);
const { searchEntries } = await client.search(searchDN, {
const { searchEntries } = await client.search(opts.searchDN, {
filter: `(nostrKey=${pubkey})`,
attributes: ['nostrKey']
});
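Review bot: The search filter `(nostrKey=${pubkey})` still interpolates the event's pubkey into the LDAP filter string without validating or escaping it; this commit carries that line over unchanged. If a non-hex value ever reaches the policy, filter metacharacters would change which entries the search matches, and the search result appears to decide whether the event is accepted. I would check the format before binding, e.g. `if (!/^[0-9a-f]{64}$/.test(pubkey))` followed by the policy's reject path, or escape the value per RFC 4515. The function body continues past the end of the hunk, so the accept/reject handling is not visible here.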


@ -8,15 +8,25 @@ import {
readStdin,
writeStdout,
} from 'https://gitlab.com/soapbox-pub/strfry-policies/-/raw/develop/mod.ts';
import ldapPolicy from './ldap-policy.ts';
import { load } from "https://deno.land/std@0.224.0/dotenv/mod.ts";
const dirname = new URL('.', import.meta.url).pathname;
await load({ envPath: `${dirname}/.env`, export: true });
const ldapConfig = {
url: Deno.env.get("LDAP_URL"),
bindDN: Deno.env.get("LDAP_BIND_DN"),
password: Deno.env.get("LDAP_PASSWORD"),
searchDN: Deno.env.get("LDAP_SEARCH_DN"),
}
for await (const msg of readStdin()) {
const result = await pipeline(msg, [
[hellthreadPolicy, { limit: 10 }],
[antiDuplicationPolicy, { ttl: 60000, minLength: 50 }],
[rateLimitPolicy, { whitelist: ['127.0.0.1'] }],
[ldapPolicy],
[ldapPolicy, ldapConfig],
]);
writeStdout(result);
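Review bot: `Deno.env.get()` returns `string | undefined`, so every field of `ldapConfig` can be undefined, while `ldapPolicy` now declares its options as `LdapConfig` with plain `string` fields; nothing between `load()` and the pipeline checks them. A missing `LDAP_BIND_DN` or `LDAP_PASSWORD` would reach `client.bind()` as undefined. Depending on how the client and the directory treat empty credentials, that could become an anonymous bind or a failure on every event rather than a clear startup error. I would fail fast before the `for await` loop, e.g. `for (const [k, v] of Object.entries(ldapConfig)) if (!v) throw new Error("Missing LDAP setting: " + k);`, naming only the setting and never logging its value. The loop body continues outside the hunk.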