commit 6931bfbe82f446af119fc8dfc45eacb7fbb98cf4
Author: transcaffeine <transcaffeine@finallycoffee.eu>
Date:   Sun May 23 11:11:21 2021 +0200

    chore: first draft

diff --git a/src/main.py b/src/main.py
new file mode 100644
index 0000000..009292d
--- /dev/null
+++ b/src/main.py
@@ -0,0 +1,29 @@
+import ldap
+
+from fastapi import FastAPI
+from pydantic import BaseModel
+
+LDAP_URI = "ldap://127.0.0.1:389"
+
+app = FastAPI()
+
+class PasswordUpdate(BaseModel):
+  bind_pw: str
+  userPassword: str
+
+@app.post("/users/{dn}/updatePassword")
+def change_password(dn: str, updateRequest: PasswordUpdate):
+  ldap_conn = _connect_ldap_simple_bind(LDAP_URI, dn, updateRequest.bind_pw)
+  _update_ldap_userPassword(ldap_conn, updateRequest.userPassword)
+
+def _connect_ldap_simple_bind(server_uri: str, bind_dn: str, bind_pw: str) -> LDAPObject:
+  ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
+  conn = ldap.initialize(server_uri)
+  conn.simple_bind_s(bind_dn, bind_pw)
+  return conn
+
+def _update_ldap_userPassword(conn: LDAPObject, new_pass: str):
+  modlist = [( ldap.MOD_REPLACE, 'userPassword', new_pass )]
+  ldap.connection.modify_s(ldap.dn, modlist)
+
+