ldap second pass, working state
		
							parent
							
								
									838eb3cb06
								
							
						
					
					
						commit
						e9709b6c8f
					
				
					 6 changed files with 37 additions and 28 deletions
				
			
		|  | @ -110,6 +110,10 @@ class Assets(Environment): | |||
| 
 | ||||
|         return super(Assets, self).register(name, Bundle(*args, filters=filters, output=output)) | ||||
| 
 | ||||
| class MyLDAPLoginManager(LDAPLoginManager): | ||||
|     @property | ||||
|     def attrlist(self): | ||||
|         return None | ||||
| 
 | ||||
| class RegexConverter(BaseConverter): | ||||
|     """ Enables Regex matching on endpoints | ||||
|  | @ -204,7 +208,7 @@ db = SQLAlchemy() | |||
| cache = Cache() | ||||
| assets = Assets() | ||||
| search = Search() | ||||
| ldap = LDAPLoginManager() | ||||
| ldap = MyLDAPLoginManager() | ||||
| 
 | ||||
| assets.register('main.js', | ||||
|                 'vendor/jquery/dist/jquery.js', | ||||
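Review bot: `MyLDAPLoginManager.attrlist` returns `None` with no comment or docstring saying why the base behaviour is being overridden, and the class name gives no hint either. The base class is not visible here, but if `attrlist` is what it passes to the directory search, `None` presumably asks for every attribute of the matched entry instead of only the mapped ones, so more directory data than the app needs would reach `save_user`. I would add a docstring along the lines of `"""Return None so the LDAP search is not restricted to the configured attribute list."""`. Once the underlying problem is understood, I would consider returning the explicit list of attributes the app actually reads.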
|  |  | |||
|  | @ -1,4 +1 @@ | |||
| from flask_ldap_login import LDAPLoginManager | ||||
| 
 | ||||
| ldap_mgr = LDAPLoginManager() | ||||
| 
 | ||||
|  |  | |||
|  | @ -1,24 +1,38 @@ | |||
| from flask import current_app, render_template | ||||
| from flask import render_template | ||||
| from flask.ext.login import login_user | ||||
| from realms import ldap | ||||
| from flask_ldap_login import LDAPLoginForm | ||||
| from ..models import BaseUser | ||||
| import bcrypt | ||||
| 
 | ||||
| 
 | ||||
| users = {} | ||||
| 
 | ||||
| @ldap.save_user | ||||
| def save_user(username, userdata): | ||||
|     users[username] = User(username, userdata) | ||||
|     return users[username] | ||||
|     user = User(userdata.get('username'), userdata.get('email')) | ||||
|     users[user.id] = user | ||||
|     return user | ||||
| 
 | ||||
| class User(BaseUser): | ||||
|     type = 'ldap' | ||||
| 
 | ||||
|     def __init__(self, username, data): | ||||
|     def __init__(self, username, email='null@localhost.local', password=None): | ||||
|         self.id = username | ||||
|         self.username = username | ||||
|         self.data = data | ||||
|         self.email = email | ||||
|         self.password = password | ||||
| 
 | ||||
|     @property | ||||
|     def auth_token_id(self): | ||||
|         return self.password | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def load_user(*args, **kwargs): | ||||
|         return User.get_by_id(args[0]) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def get_by_id(user_id): | ||||
|         return users.get(user_id) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def login_form(): | ||||
|  | @ -26,6 +40,13 @@ class User(BaseUser): | |||
|         return render_template('auth/ldap/login.html', form=form) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def auth(*args): | ||||
|         login_user(args[0].user, remember=True) | ||||
|         return True | ||||
|     def auth(user, password): | ||||
|         password = User.hash_password(password) | ||||
|         user.password = password | ||||
|         users[user.id] = user | ||||
|         if user: | ||||
|             login_user(user, remember=True) | ||||
|             return True | ||||
|         else: | ||||
|             return False | ||||
| 
 | ||||
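Review bot: In `auth`, `user.password = password` and `users[user.id] = user` run before the `if user:` test, so a missing user raises `AttributeError` instead of returning `False`; the guard belongs at the top of the method. `auth` also never compares `password` with anything, so it appears to rely on the caller having already validated the LDAP bind through the form, which deserves a docstring stating that precondition. The bcrypt hash of the directory password is then kept in the module-level `users` dict and returned by `auth_token_id`. Because `users` lives only in process memory, `get_by_id` will presumably return `None` after a restart or on another worker.

```python
    @staticmethod
    def auth(user, password):
        # Reject a missing user before touching its attributes.
        if not user:
            return False
        user.password = User.hash_password(password)
        users[user.id] = user
        login_user(user, remember=True)
        return True
```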
|  |  | |||
|  | @ -12,7 +12,7 @@ def login(): | |||
|         flash('Form invalid', 'warning') | ||||
|         return redirect(url_for('auth.login')) | ||||
| 
 | ||||
|     if User.auth(form.user): | ||||
|     if User.auth(form.user, request.form['password']): | ||||
|         return redirect(request.args.get("next") or url_for(current_app.config['ROOT_ENDPOINT'])) | ||||
|     else: | ||||
|         return redirect(url_for('auth.login')) | ||||
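Review bot: The new call reads `request.form['password']` directly instead of the validated form object. If `LDAPLoginForm` exposes the password as a field (not visible here), `User.auth(form.user, form.password.data)` keeps a single source of truth and avoids an error on a missing key. The unchanged line below still passes `request.args.get("next")` straight to `redirect()`, so the post-login target is whatever the query string supplies; it should be limited to same-site paths before use. `login()` starts above this hunk, so whether `request` is imported in this module cannot be confirmed from here.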
|  |  | |||
|  | @ -6,7 +6,6 @@ from ..models import BaseUser | |||
| from .forms import LoginForm | ||||
| from itsdangerous import URLSafeSerializer, BadSignature | ||||
| from hashlib import sha256 | ||||
| import bcrypt | ||||
| 
 | ||||
| 
 | ||||
| @login_manager.token_loader | ||||
|  | @ -88,14 +87,6 @@ class User(Model, BaseUser): | |||
|             # Password check failed | ||||
|             return False | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def hash_password(password): | ||||
|         return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12)) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def check_password(password, hashed): | ||||
|         return bcrypt.hashpw(password.encode('utf-8'), hashed.encode('utf-8')) == hashed | ||||
| 
 | ||||
|     @classmethod | ||||
|     def logout(cls): | ||||
|         logout_user() | ||||
|  |  | |||
|  | @ -1,5 +1,5 @@ | |||
| from flask import current_app | ||||
| from flask.ext.login import UserMixin, logout_user, login_user, AnonymousUserMixin | ||||
| from flask.ext.login import UserMixin, logout_user, AnonymousUserMixin | ||||
| from realms import login_manager | ||||
| from realms.lib.util import gravatar_url | ||||
| from itsdangerous import URLSafeSerializer, BadSignature | ||||
|  | @ -83,10 +83,6 @@ class BaseUser(UserMixin): | |||
|     def signer(salt): | ||||
|         return URLSafeSerializer(current_app.config['SECRET_KEY'] + salt) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def auth(email, password): | ||||
|         raise NotImplementedError | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def hash_password(password): | ||||
|         return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12)) | ||||
|  |  | |||