refactor: use is configured check in ldap service

2026-02-22 00:42:03 +00:00 · 2026-02-01 19:05:42 +02:00
parent 671343f677
commit eff5fc8b71
3 changed files with 17 additions and 9 deletions
--- a/internal/bootstrap/service_bootstrap.go
+++ b/internal/bootstrap/service_bootstrap.go
@@ -3,7 +3,6 @@ package bootstrap
 import (
 	"github.com/steveiliop56/tinyauth/internal/repository"
 	"github.com/steveiliop56/tinyauth/internal/service"
-	"github.com/steveiliop56/tinyauth/internal/utils/tlog"
 )

 type Services struct {
@@ -31,12 +30,12 @@ func (app *BootstrapApp) initServices(queries *repository.Queries) (Services, er

 	err := ldapService.Init()

-	if err == nil {
-		services.ldapService = ldapService
-	} else {
-		tlog.App.Warn().Err(err).Msg("Failed to initialize LDAP service, continuing without it")
+	if err != nil {
+		return Services{}, err
 	}

+	services.ldapService = ldapService
+
 	dockerService := service.NewDockerService()

 	err = dockerService.Init()
--- a/internal/service/auth_service.go
+++ b/internal/service/auth_service.go
@@ -78,7 +78,7 @@ func (auth *AuthService) SearchUser(username string) config.UserSearch {
 		}
 	}

-	if auth.ldap != nil {
+	if auth.ldap.IsConfigured() {
 		userDN, err := auth.ldap.GetUserDN(username)

 		if err != nil {
@@ -105,7 +105,7 @@ func (auth *AuthService) VerifyUser(search config.UserSearch, password string) b
 		user := auth.GetLocalUser(search.Username)
 		return auth.CheckPassword(user, password)
 	case "ldap":
-		if auth.ldap != nil {
+		if auth.ldap.IsConfigured() {
 			err := auth.ldap.Bind(search.Username, password)
 			if err != nil {
 				tlog.App.Warn().Err(err).Str("username", search.Username).Msg("Failed to bind to LDAP")
@@ -141,7 +141,7 @@ func (auth *AuthService) GetLocalUser(username string) config.User {
 }

 func (auth *AuthService) GetLdapUser(userDN string) (config.LdapUser, error) {
-	if auth.ldap == nil {
+	if !auth.ldap.IsConfigured() {
 		return config.LdapUser{}, errors.New("LDAP service not initialized")
 	}

@@ -398,7 +398,7 @@ func (auth *AuthService) LocalAuthConfigured() bool {
 }

 func (auth *AuthService) LdapAuthConfigured() bool {
-	return auth.ldap != nil
+	return auth.ldap.IsConfigured()
 }

 func (auth *AuthService) IsUserAllowed(c *gin.Context, context config.UserContext, acls config.App) bool {
--- a/internal/service/ldap_service.go
+++ b/internal/service/ldap_service.go
@@ -36,7 +36,16 @@ func NewLdapService(config LdapServiceConfig) *LdapService {
 	}
 }

+// If you have an ldap address then you must need ldap
+func (ldap *LdapService) IsConfigured() bool {
+	return ldap.config.Address != ""
+}
+
 func (ldap *LdapService) Init() error {
+	if !ldap.IsConfigured() {
+		return nil
+	}
+
 	// Check whether authentication with client certificate is possible
 	if ldap.config.AuthCert != "" && ldap.config.AuthKey != "" {
 		cert, err := tls.LoadX509KeyPair(ldap.config.AuthCert, ldap.config.AuthKey)