Added custom login paths. Added feature #185

frontend/client/views/login/index.vue

@@ -53,6 +53,16 @@
                 </div>
               </div>
 
+              <!-- Custom login path -->
+              <div v-if="bCustomPath && type !== 'Token'" class="field">
+                <p class="control has-icons-left">
+                  <input class="input" type="text" placeholder="Mount name e.g. 'ldap2'" v-model="customPath">
+                  <span class="icon is-small is-left">
+                    <i class="fa fa-tasks"></i>
+                  </span>
+                </p>
+              </div>
+
               <!-- Token login form -->
               <div v-if="type === 'Token'" class="field">
                 <p class="control has-icons-left">
@@ -133,6 +143,15 @@
                 </div>
               </div>
 
+              <div v-if="type !== 'Token'" class="field">
+                <div class="control">
+                  <label class="checkbox">
+                    <input type="checkbox" v-model="bCustomPath">
+                    Custom path
+                  </label>
+                </div>
+              </div>
+
               <div class="field">
                 <p class="control">
                   <button @click="login" type="submit" value="Login" class="button is-primary">
@@ -280,7 +299,9 @@ export default {
       goldfishHealthData: {},
       goldfishHealthLoading: false,
       secretID: '',
-      bootstrapLoading: false
+      bootstrapLoading: false,
+      bCustomPath: false,
+      customPath: ''
     }
   },
 
@@ -367,9 +388,10 @@ export default {
 
     login: function () {
       this.$http.post('/v1/login', {
-        Type: this.type.toLowerCase(),
+        type: this.type.toLowerCase(),
         id: this.ID,
-        Password: this.password
+        password: this.password,
+        path: this.bCustomPath ? this.customPath.trim('/') : ''
       }, {
         headers: {'X-Vault-Token': this.session ? this.session.token : ''}
       })
@@ -410,6 +432,15 @@ export default {
         // to avoid ambiguity, current session should be purged when new login fails
         this.logout()
         this.$onError(error)
+        if (this.bCustomPath && error.response.status === 400
+          && error.response.data.error === 'Vault:  missing client token') {
+          this.$notify({
+            title: 'Custom path?',
+            message: 'If the custom path does not exist, vault will respond with error 400',
+            type: 'warning',
+            duration: 10000
+          })
+        }
       })
     },
 
@@ -423,6 +454,8 @@ export default {
     clearFormData: function () {
       this.ID = ''
       this.password = ''
+      this.bCustomPath = false
+      this.customPath = ''
     },
 
     renewLogin: function () {

vault/login.go

@@ -45,8 +45,16 @@ func (auth *AuthInfo) Login() (map[string]interface{}, error) {
 
 	// if logging in for the first time with these auth backends
 	if t == "userpass" || t == "ldap" || t == "github" || t == "okta" {
-		// fetch a client token by logging. Auth backend is hardcoded for now
-		resp, err := client.Logical().Write("auth/" + t + "/login/" + auth.ID,
+		// fetch a client token by writing to vault auth backend
+		loginPath := "auth/" + t + "/login/" + auth.ID
+
+		// if auth has a different backend name, use that
+		if auth.Path != "" {
+			loginPath = "auth/" + auth.Path + "/login/" + auth.ID
+		}
+
+		resp, err := client.Logical().Write(
+			loginPath,
 			map[string]interface{}{
 				key: auth.Pass,
 			})

vault/vault.go

@@ -10,9 +10,10 @@ import (
 )
 
 type AuthInfo struct {
-	Type string `json:"Type" form:"Type" query:"Type"`
+	Type string `json:"type" form:"Type" query:"Type"`
 	ID   string `json:"ID" form:"ID" query:"ID"`
 	Pass string `json:"password" form:"Password" query:"Password"`
+	Path string `json:"path" form:"Path" query:"Path"`
 }
 
 var (