Skip to content
Snippets Groups Projects
Commit a0694556 authored by Andreas Valder's avatar Andreas Valder
Browse files

Merge branch 'master' of git.fsmpi.rwth-aachen.de:julianundandyfrickelnkram/videoagwebsite

parents b7f07bef 47afb256
No related branches found
No related tags found
No related merge requests found
#!/bin/python
from flask import Flask, render_template, g, request, url_for, redirect
from flask import Flask, render_template, g, request, url_for, redirect, session
import mysql.connector
import sqlite3
import os
import ldap3
import re
app = Flask(__name__)
config = app.config
......@@ -34,7 +36,7 @@ def dict_factory(cursor, row):
d = {}
for idx, col in enumerate(cursor.description):
if type(row[idx]) == str:
d[col[0].split('.')[-1]] = row[idx].replace('\\n','\n')
d[col[0].split('.')[-1]] = row[idx].replace('\\n','\n').replace('\\r','\r')
else:
d[col[0].split('.')[-1]] = row[idx]
return d
......@@ -71,6 +73,23 @@ def searchquery(text, columns, match, tables, suffix, *suffixparams):
expr = 'SELECT *,SUM(_prio) AS _score FROM (%s) AS _tmp %s'%(' UNION '.join(subexprs), suffix)
return query(expr, *params, *suffixparams)
LDAP_USERRE = re.compile(r'[^a-z0-9]')
def ldapauth(user, password):
notldap = {'videoag':('videoag', ['users','videoag']), 'gustav':('passwort', ['users'])}
user = LDAP_USERRE.sub(r'', user.lower())
if 'LDAP_HOST' in config:
try:
conn = ldap3.Connection(config['LDAP_HOST'], 'uid=%s,ou=users,dc=fsmpi,dc=rwth-aachen,dc=de'%user, password, auto_bind=True)
if conn.search("ou=groups,dc=fsmpi,dc=rwth-aachen,dc=de", "(&(cn=*)(memberUid=%s))"%user, attributes=['cn']):
groups = [e.cn.value for e in conn.entries]
conn.unbind()
return user, groups
except ldap3.core.exceptions.LDAPBindError:
pass
elif config.get('DEBUG') and user in notldap and password == notldap[user][0]:
return user, notldap[user][1]
return None, []
@app.route('/')
def index():
return render_template('index.html', latestvideos=query('''
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment