Ensure the ldap service uses the correct value

Move secret loading to only run once
Fix missing import
2026-06-09 21:10:15 +00:00 · 2026-06-09 10:53:44 +01:00 · 2026-06-09 10:28:23 +01:00 · 2026-06-08 12:55:01 +01:00 · 2026-06-08 12:46:39 +01:00
6 changed files with 21 additions and 15 deletions
@@ -23,7 +23,7 @@ jobs:
      - name: Setup go
        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
-          go-version: "^1.26.4"
+          go-version: "^1.26.0"

      - name: Go dependencies
        run: go mod download
@@ -67,7 +67,7 @@ jobs:
      - name: Install go
        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
-          go-version: "^1.26.4"
+          go-version: "^1.26.0"

      - name: Install frontend dependencies
        working-directory: ./frontend
@@ -112,7 +112,7 @@ jobs:
      - name: Install go
        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
-          go-version: "^1.26.4"
+          go-version: "^1.26.0"

      - name: Install frontend dependencies
        working-directory: ./frontend
@@ -43,7 +43,7 @@ jobs:
      - name: Install go
        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
-          go-version: "^1.26.4"
+          go-version: "^1.26.0"

      - name: Install frontend dependencies
        working-directory: ./frontend
@@ -85,7 +85,7 @@ jobs:
      - name: Install go
        uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
-          go-version: "^1.26.4"
+          go-version: "^1.26.0"

      - name: Install frontend dependencies
        working-directory: ./frontend
@@ -8,7 +8,7 @@ Contributing to Tinyauth is straightforward. Follow the steps below to set up a
 ## Requirements

 - pnpm
- Golang v1.26.4 or later
+- Golang v1.24.0 or later
 - Git
 - Docker
 - Make
@@ -178,15 +178,16 @@ type UIConfig struct {
 }

 type LDAPConfig struct {
-	Address       string `description:"LDAP server address." yaml:"address"`
-	BindDN        string `description:"Bind DN for LDAP authentication." yaml:"bindDn"`
-	BindPassword  string `description:"Bind password for LDAP authentication." yaml:"bindPassword"`
-	BaseDN        string `description:"Base DN for LDAP searches." yaml:"baseDn"`
-	Insecure      bool   `description:"Allow insecure LDAP connections." yaml:"insecure"`
-	SearchFilter  string `description:"LDAP search filter." yaml:"searchFilter"`
-	AuthCert      string `description:"Certificate for mTLS authentication." yaml:"authCert"`
-	AuthKey       string `description:"Certificate key for mTLS authentication." yaml:"authKey"`
-	GroupCacheTTL int    `description:"Cache duration for LDAP group membership in seconds." yaml:"groupCacheTTL"`
+	Address      	 string `description:"LDAP server address." yaml:"address"`
+	BindDN       	 string `description:"Bind DN for LDAP authentication." yaml:"bindDn"`
+	BindPassword  	 string `description:"Bind password for LDAP authentication." yaml:"bindPassword"`
+	BindPasswordFile string `description:"Path to the Bind password." yaml:"bindPasswordFile"`
+	BaseDN       	 string `description:"Base DN for LDAP searches." yaml:"baseDn"`
+	Insecure     	 bool   `description:"Allow insecure LDAP connections." yaml:"insecure"`
+	SearchFilter 	 string `description:"LDAP search filter." yaml:"searchFilter"`
+	AuthCert     	 string `description:"Certificate for mTLS authentication." yaml:"authCert"`
+	AuthKey      	 string `description:"Certificate key for mTLS authentication." yaml:"authKey"`
+	GroupCacheTTL	 int    `description:"Cache duration for LDAP group membership in seconds." yaml:"groupCacheTTL"`
 }

 type LogConfig struct {
@@ -11,6 +11,7 @@ import (
 	ldapgo "github.com/go-ldap/ldap/v3"
 	"github.com/steveiliop56/ding"
 	"github.com/tinyauthapp/tinyauth/internal/model"
+	"github.com/tinyauthapp/tinyauth/internal/utils"
 	"github.com/tinyauthapp/tinyauth/internal/utils/logger"
 )

@@ -32,6 +33,10 @@ func NewLdapService(
 		return nil, nil
 	}

+	secret := utils.GetSecret(config.LDAP.BindPassword, config.LDAP.BindPasswordFile)
+	config.LDAP.BindPassword = secret
+	config.LDAP.BindPasswordFile = ""
+
 	ldap := &LdapService{
 		log:    log,
 		config: config,
Author	SHA1	Message	Date
Ryc O'Chet	42ce47dab3	Ensure the ldap service uses the correct value	2026-06-09 10:53:44 +01:00
Ryc O'Chet	b68426d931	Move secret loading to only run once	2026-06-09 10:28:23 +01:00
Ryc O'Chet	b90f95a17d	Fix missing import	2026-06-08 12:55:01 +01:00
Ryc O'Chet	3d28c6e6d9	Add LDAP BindPasswordFile Fixes #927	2026-06-08 12:46:39 +01:00