feat(X-Pack): Add LDAP authentication mechanism

fit2cloud-chenyw · fit2cloud-chenyw · commit a77f1842be49 · 2025-12-01T14:06:51.000+08:00
diff --git a/frontend/src/assets/svg/icon_qr_outlined.svg b/frontend/src/assets/svg/icon_qr_outlined.svg
@@ -0,0 +1,5 @@
+<svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g id="icon_qr_outlined">
+<path id="&#229;&#189;&#162;&#231;&#138;&#182;" d="M3.875 8.625H9.125V3.375H3.875V8.625ZM3.125 1.875H9.875C10.2892 1.875 10.625 2.21079 10.625 2.625V9.375C10.625 9.78921 10.2892 10.125 9.875 10.125H3.125C2.71079 10.125 2.375 9.78921 2.375 9.375V2.625C2.375 2.21079 2.71079 1.875 3.125 1.875ZM5.375 4.875H7.625V7.125H5.375V4.875ZM3.875 12.75V14.625H5.75V12.75H3.875ZM3.125 11.25H6.5C6.91421 11.25 7.25 11.5858 7.25 12V15.375C7.25 15.7892 6.91421 16.125 6.5 16.125H3.125C2.71079 16.125 2.375 15.7892 2.375 15.375V12C2.375 11.5858 2.71079 11.25 3.125 11.25ZM13.25 3.375V5.25H15.125V3.375H13.25ZM12.5 1.875H15.875C16.2892 1.875 16.625 2.21079 16.625 2.625V6C16.625 6.41421 16.2892 6.75 15.875 6.75H12.5C12.0858 6.75 11.75 6.41421 11.75 6V2.625C11.75 2.21079 12.0858 1.875 12.5 1.875ZM13.25 12.75V14.625H15.125V12.75H13.25ZM12.5 11.25H15.875C16.2892 11.25 16.625 11.5858 16.625 12V15.375C16.625 15.7892 16.2892 16.125 15.875 16.125H12.5C12.0858 16.125 11.75 15.7892 11.75 15.375V12C11.75 11.5858 12.0858 11.25 12.5 11.25ZM8.75 11.25H10.25V12.75H8.75V11.25ZM8.75 13.875H10.25V16.125H8.75V13.875ZM11.75 8.25H13.25V9.75H11.75V8.25ZM14.375 8.25H16.625V9.75H14.375V8.25Z" fill="#1F2329"/>
+</g>
+</svg>
diff --git a/frontend/src/assets/svg/logo_ldap.svg b/frontend/src/assets/svg/logo_ldap.svg
@@ -1,12 +1,12 @@
-<svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg">
+<svg width="32" height="32" viewBox="0 0 32 32" fill="" xmlns="http://www.w3.org/2000/svg">
 <g id="logo_cas">
 <g id="logo_cas_2">
 <mask id="mask0_3028_68898" style="mask-type:alpha" maskUnits="userSpaceOnUse" x="1" y="1" width="30" height="30">
 <circle id="Ellipse 130" cx="16" cy="16" r="15" fill="white"/>
 </mask>
 <g mask="url(#mask0_3028_68898)">
 <g id="CAS">
-<path d="M3.03105 12.86H4.11105V19.07H8.04106V20H3.03105V12.86ZM8.93926 12.86H11.5393C12.6893 12.86 13.5593 13.18 14.1593 13.83C14.7193 14.43 14.9993 15.3 14.9993 16.43C14.9993 17.55 14.7093 18.42 14.1393 19.04C13.5393 19.68 12.6693 20 11.5193 20H8.93926V12.86ZM10.0293 13.79V19.07H11.3193C12.2193 19.07 12.8893 18.85 13.3093 18.42C13.7193 17.99 13.9293 17.33 13.9293 16.43C13.9293 15.51 13.7193 14.85 13.3193 14.43C12.8993 14 12.2393 13.79 11.3393 13.79H10.0293ZM18.1572 12.86H19.3972L22.1472 20H20.9772L20.3072 18.16H17.2372L16.5672 20H15.4072L18.1572 12.86ZM17.5672 17.26H19.9772L18.7972 14.03H18.7572L17.5672 17.26ZM22.8455 12.86H25.8055C27.5055 12.86 28.3555 13.58 28.3555 15.03C28.3555 16.49 27.4955 17.22 25.7855 17.22H23.9355V20H22.8455V12.86ZM23.9355 13.79V16.29H25.7155C26.2555 16.29 26.6455 16.19 26.8955 15.99C27.1355 15.79 27.2655 15.47 27.2655 15.03C27.2655 14.59 27.1355 14.27 26.8855 14.09C26.6355 13.89 26.2455 13.79 25.7155 13.79H23.9355Z" fill="#3370FF"/>
+<path d="M3.03105 12.86H4.11105V19.07H8.04106V20H3.03105V12.86ZM8.93926 12.86H11.5393C12.6893 12.86 13.5593 13.18 14.1593 13.83C14.7193 14.43 14.9993 15.3 14.9993 16.43C14.9993 17.55 14.7093 18.42 14.1393 19.04C13.5393 19.68 12.6693 20 11.5193 20H8.93926V12.86ZM10.0293 13.79V19.07H11.3193C12.2193 19.07 12.8893 18.85 13.3093 18.42C13.7193 17.99 13.9293 17.33 13.9293 16.43C13.9293 15.51 13.7193 14.85 13.3193 14.43C12.8993 14 12.2393 13.79 11.3393 13.79H10.0293ZM18.1572 12.86H19.3972L22.1472 20H20.9772L20.3072 18.16H17.2372L16.5672 20H15.4072L18.1572 12.86ZM17.5672 17.26H19.9772L18.7972 14.03H18.7572L17.5672 17.26ZM22.8455 12.86H25.8055C27.5055 12.86 28.3555 13.58 28.3555 15.03C28.3555 16.49 27.4955 17.22 25.7855 17.22H23.9355V20H22.8455V12.86ZM23.9355 13.79V16.29H25.7155C26.2555 16.29 26.6455 16.19 26.8955 15.99C27.1355 15.79 27.2655 15.47 27.2655 15.03C27.2655 14.59 27.1355 14.27 26.8855 14.09C26.6355 13.89 26.2455 13.79 25.7155 13.79H23.9355Z" fill=""/>
 </g>
 </g>
 </g>
diff --git a/frontend/src/i18n/en.json b/frontend/src/i18n/en.json
@@ -752,7 +752,18 @@
     "oidc_settings": "OIDC Settings",
     "metadata_url": "Metadata URL",
     "realm": "Realm",
-    "oidc_field_mapping_placeholder": "e.g., {\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"}"
+    "oidc_field_mapping_placeholder": "e.g., {\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"}",
+    "ldap_settings": "LDAP Settings",
+    "server_address": "Server Address",
+    "server_address_placeholder": "Example: ldap://ldap.example.com:389",
+    "bind_dn": "Bind DN",
+    "bind_dn_placeholder": "Example: cn=admin,dc=example,dc=com",
+    "bind_pwd": "Bind Password",
+    "ou": "User OU",
+    "ou_placeholder": "Example: ou=users,dc=example,dc=com",
+    "user_filter": "User Filter",
+    "user_filter_placeholder": "Example: uid",
+    "ldap_field_mapping_placeholder": "Example: {\"account\": \"ldapAccount\", \"name\": \"ldapName\", \"email\": \"mail\"}"
   },
   "login": {
     "default_login": "Default",
diff --git a/frontend/src/i18n/ko-KR.json b/frontend/src/i18n/ko-KR.json
@@ -752,7 +752,18 @@
     "oidc_settings": "OIDC 설정",
     "metadata_url": "메타데이터 URL",
     "realm": "영역",
-    "oidc_field_mapping_placeholder": "예: {\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"}"
+    "oidc_field_mapping_placeholder": "예: {\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"}",
+    "ldap_settings": "LDAP 설정",
+    "server_address": "서버 주소",
+    "server_address_placeholder": "예: ldap://ldap.example.com:389",
+    "bind_dn": "바인드 DN",
+    "bind_dn_placeholder": "예: cn=admin,dc=example,dc=com",
+    "bind_pwd": "바인드 비밀번호",
+    "ou": "사용자 OU",
+    "ou_placeholder": "예: ou=users,dc=example,dc=com",
+    "user_filter": "사용자 필터",
+    "user_filter_placeholder": "예: uid",
+    "ldap_field_mapping_placeholder": "예: {\"account\": \"ldapAccount\", \"name\": \"ldapName\", \"email\": \"mail\"}"
   },
   "login": {
     "default_login": "기본값",
diff --git a/frontend/src/i18n/zh-CN.json b/frontend/src/i18n/zh-CN.json
@@ -752,7 +752,18 @@
     "oidc_settings": "OIDC 设置",
     "metadata_url": "元数据地址",
     "realm": "领域",
-    "oidc_field_mapping_placeholder": "例如：{'{'}\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"{'}'}"
+    "oidc_field_mapping_placeholder": "例如：{'{'}\"account\": \"oidcAccount\", \"name\": \"oidcName\", \"email\": \"email\"{'}'}",
+    "ldap_settings": "LDAP 设置",
+    "server_address": "服务器地址",
+    "server_address_placeholder": "例如：ldap://ldap.example.com:389",
+    "bind_dn": "绑定 DN",
+    "bind_dn_placeholder": "例如：cn=admin,dc=example,dc=com",
+    "bind_pwd": "绑定密码",
+    "ou": "用户 OU",
+    "ou_placeholder": "例如：ou=users,dc=example,dc=com",
+    "user_filter": "用户过滤器",
+    "user_filter_placeholder": "例如：uid",
+    "ldap_field_mapping_placeholder": "例如：{'{'}\"account\": \"ldapAccount\", \"name\": \"ldapName\", \"email\": \"mail\"{'}'}"
   },
   "login": {
     "default_login": "默认",
diff --git a/frontend/src/views/login/index.vue b/frontend/src/views/login/index.vue
@@ -28,42 +28,45 @@
         </div>
         <div v-else class="welcome" style="height: 0"></div>
         <div class="login-form">
-          <h2 class="title">{{ $t('common.login') }}</h2>
-          <el-form
-            ref="loginFormRef"
-            class="form-content_error"
-            :model="loginForm"
-            :rules="rules"
-            @keyup.enter="submitForm"
-          >
-            <el-form-item prop="username">
-              <el-input
-                v-model="loginForm.username"
-                clearable
-                :placeholder="$t('common.your_account_email_address')"
-                size="large"
-              ></el-input>
-            </el-form-item>
-            <el-form-item prop="password">
-              <el-input
-                v-model="loginForm.password"
-                :placeholder="$t('common.enter_your_password')"
-                type="password"
-                show-password
-                clearable
-                size="large"
-              ></el-input>
-            </el-form-item>
-            <el-form-item>
-              <el-button type="primary" class="login-btn" @click="submitForm">{{
-                $t('common.login_')
-              }}</el-button>
-            </el-form-item>
-          </el-form>
+          <div class="default-login-tabs">
+            <h2 class="title">{{ $t('common.login') }}</h2>
+            <el-form
+              ref="loginFormRef"
+              class="form-content_error"
+              :model="loginForm"
+              :rules="rules"
+              @keyup.enter="submitForm"
+            >
+              <el-form-item prop="username">
+                <el-input
+                  v-model="loginForm.username"
+                  clearable
+                  :placeholder="$t('common.your_account_email_address')"
+                  size="large"
+                ></el-input>
+              </el-form-item>
+              <el-form-item prop="password">
+                <el-input
+                  v-model="loginForm.password"
+                  :placeholder="$t('common.enter_your_password')"
+                  type="password"
+                  show-password
+                  clearable
+                  size="large"
+                ></el-input>
+              </el-form-item>
+              <el-form-item>
+                <el-button type="primary" class="login-btn" @click="submitForm">{{
+                  $t('common.login_')
+                }}</el-button>
+              </el-form-item>
+            </el-form>
+          </div>
           <Handler
             ref="xpackLoginHandler"
             v-model:loading="showLoading"
             jsname="L2NvbXBvbmVudC9sb2dpbi9IYW5kbGVy"
+            @switch-tab="switchTab"
           />
         </div>
       </div>
@@ -93,7 +96,9 @@ const loginForm = ref({
   username: '',
   password: '',
 })
+const activeName = ref('simple')
 
+// const isLdap = computed(() => activeName.value == 'ldap')
 const bg = computed(() => {
   return appearanceStore.getBg || (appearanceStore.isBlue ? loginImage : login_image)
 })
@@ -118,6 +123,9 @@ const submitForm = () => {
     }
   })
 }
+const switchTab = (name: string) => {
+  activeName.value = name || 'simple'
+}
 </script>
 
 <style lang="less" scoped>
diff --git a/frontend/src/views/login/xpack/Handler.vue b/frontend/src/views/login/xpack/Handler.vue
@@ -8,18 +8,19 @@
       :larksuite="loginCategory.larksuite"
     />
   </div> -->
+  <LdapLoginForm v-if="isLdap" />
   <el-divider v-if="anyEnable" class="de-other-login-divider">{{
     t('login.other_login')
   }}</el-divider>
   <el-form-item v-if="anyEnable" class="other-login-item">
     <div class="login-list">
-      <!-- <QrcodeLdap
+      <QrcodeLdap
         v-if="loginCategory.qrcode || loginCategory.ldap"
         ref="qrcodeLdapHandler"
         :qrcode="loginCategory.qrcode"
         :ldap="loginCategory.ldap"
         @status-change="qrStatusChange"
-      /> -->
+      />
       <Oidc v-if="loginCategory.oidc" @switch-category="switcherCategory" />
       <Oauth2 v-if="loginCategory.oauth2" ref="oauth2Handler" @switch-category="switcherCategory" />
       <Cas v-if="loginCategory.cas" @switch-category="switcherCategory" />
@@ -51,8 +52,9 @@
 
 <script lang="ts" setup>
 import { ref, onMounted } from 'vue'
-/* import QrcodeLdap from './QrcodeLdap.vue'
-import Oidc from './Oidc.vue'
+import QrcodeLdap from './QrcodeLdap.vue'
+import LdapLoginForm from './LdapLoginForm.vue'
+/* import Oidc from './Oidc.vue'
 import Oauth2 from './Oauth2.vue'
 import Saml2 from './Saml2.vue' */
 import Oidc from './Oidc.vue'
@@ -70,6 +72,7 @@ import { loadClient, type LoginCategory } from './PlatformClient'
 // import { logoutHandler } from '@/utils/logout'
 import { useI18n } from 'vue-i18n'
 // import PlatformError from './PlatformError.vue'
+const isLdap = ref(false)
 defineProps<{
   loading: boolean
 }>()
@@ -211,14 +214,16 @@ const init = (cb?: () => void) => {
     })
 }
 
-/* const qrStatusChange = (activeComponent: string) => {
+const qrStatusChange = (activeComponent: string) => {
   qrStatus.value = activeComponent === 'qrcode'
+  isLdap.value = false
   if (activeComponent === 'account') {
     emits('switchTab', 'simple')
   } else if (activeComponent === 'ldap') {
+    isLdap.value = true
     switcherCategory({ category: 'ldap', proxy: '' })
   }
-} */
+}
 /* const showMfa = ref(false)
 const toMfa = (mfa) => {
   state.mfaData = mfa
diff --git a/frontend/src/views/login/xpack/LdapLoginForm.vue b/frontend/src/views/login/xpack/LdapLoginForm.vue
@@ -0,0 +1,99 @@
+<template>
+  <div class="default-login-tabs-ldap">
+    <h2 class="title">{{ t('login.ldap_login') }}</h2>
+    <el-form
+      ref="loginFormRef"
+      class="form-content_error"
+      :model="loginForm"
+      @keyup.enter="submitForm"
+    >
+      <el-form-item prop="username">
+        <el-input
+          v-model="loginForm.username"
+          clearable
+          :placeholder="t('login.input_account')"
+          size="large"
+        ></el-input>
+      </el-form-item>
+      <el-form-item prop="password">
+        <el-input
+          v-model="loginForm.password"
+          :placeholder="$t('common.enter_your_password')"
+          type="password"
+          show-password
+          clearable
+          size="large"
+        ></el-input>
+      </el-form-item>
+      <el-form-item>
+        <el-button type="primary" class="login-btn" @click="submitForm">{{
+          $t('common.login_')
+        }}</el-button>
+      </el-form-item>
+    </el-form>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref } from 'vue'
+import { useI18n } from 'vue-i18n'
+import { request } from '@/utils/request'
+import { useRouter } from 'vue-router'
+import { useUserStore } from '@/stores/user.ts'
+
+const userStore = useUserStore()
+const router = useRouter()
+const { t } = useI18n()
+const loginForm = ref({
+  username: '',
+  password: '',
+  origin: 1,
+})
+const loginFormRef = ref()
+const submitForm = () => {
+  loginFormRef.value.validate((valid: boolean) => {
+    if (valid) {
+      const data = { ...loginForm.value }
+      request.post('/system/authentication/sso/3', data).then((res: any) => {
+        const token = res.access_token
+        userStore.setToken(token)
+        userStore.setExp(res.exp)
+        userStore.setTime(Date.now())
+        router.push('/')
+      })
+    }
+  })
+}
+</script>
+
+<style lang="less" scoped>
+.form-content_error {
+  .ed-form-item--default {
+    margin-bottom: 24px;
+    &.is-error {
+      margin-bottom: 48px;
+    }
+  }
+}
+
+.title {
+  font-weight: 500;
+  font-style: Medium;
+  font-size: 20px;
+  line-height: 28px;
+  margin-bottom: 24px;
+}
+
+.login-btn {
+  width: 100%;
+  height: 45px;
+  font-size: 16px;
+  border-radius: 4px;
+}
+
+.agreement {
+  margin-top: 20px;
+  text-align: center;
+  color: #666;
+}
+</style>
diff --git a/frontend/src/views/login/xpack/QrcodeLdap.vue b/frontend/src/views/login/xpack/QrcodeLdap.vue
diff --git a/frontend/src/views/system/authentication/LdapEditor.vue b/frontend/src/views/system/authentication/LdapEditor.vue
diff --git a/frontend/src/views/system/authentication/index.vue b/frontend/src/views/system/authentication/index.vue
