feat: retrieve and store groups from ldap provider

2026-01-14 11:22:33 +00:00 · 2026-01-09 23:23:36 +02:00
parent 467c580ec4
commit 1b2bf3902c
12 changed files with 94 additions and 18 deletions
--- a/internal/middleware/context_middleware.go
+++ b/internal/middleware/context_middleware.go
@@ -74,6 +74,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
 				Email:      cookie.Email,
 				Provider:   "username",
 				IsLoggedIn: true,
+				LdapGroups: cookie.LdapGroups,
 			})
 			c.Next()
 			return
@@ -155,7 +156,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
 				Username:    user.Username,
 				Name:        utils.Capitalize(user.Username),
 				Email:       fmt.Sprintf("%s@%s", strings.ToLower(user.Username), m.config.CookieDomain),
-				Provider:    "basic",
+				Provider:    "username",
 				IsLoggedIn:  true,
 				TotpEnabled: user.TotpSecret != "",
 			})
@@ -163,12 +164,22 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
 			return
 		case "ldap":
 			log.Debug().Msg("Basic auth user is LDAP")
+
+			ldapUser, err := m.auth.GetLdapUser(basic.Username)
+
+			if err != nil {
+				log.Debug().Err(err).Msg("Error retrieving LDAP user details")
+				c.Next()
+				return
+			}
+
 			c.Set("context", &config.UserContext{
 				Username:   basic.Username,
 				Name:       utils.Capitalize(basic.Username),
 				Email:      fmt.Sprintf("%s@%s", strings.ToLower(basic.Username), m.config.CookieDomain),
-				Provider:   "basic",
+				Provider:   "ldap",
 				IsLoggedIn: true,
+				LdapGroups: strings.Join(ldapUser.Groups, ","),
 			})
 			c.Next()
 			return