diff --git a/auth.py b/auth.py index 58d16a52ca1e9d2b7117d20fc312fb03f7d621de..e48e651e301e1182345babaf34d7e8f046fcfd3a 100644 --- a/auth.py +++ b/auth.py @@ -135,6 +135,30 @@ class ADManager: for result in reader.search(): yield result.name.value + +class StaticUserManager: + def __init__(self, users): + self.passwords = { + username: password + for (username, password, groups) in users + } + self.groups = { + username: groups + for (username, password, groups) in users + } + + def authenticate(self, username, password): + return (username in self.passwords + and self.passwords[username] == password) + + def groups(self, username, password=None): + if username in self.groups: + yield from self.groups[username] + + def all_groups(self): + return list(set(group for group in groups.values())) + + class SecurityManager: def __init__(self, key, max_duration=300): self.maccer = hmac.new(key.encode("utf-8"), digestmod=hashlib.sha512) diff --git a/config.py.example b/config.py.example index 4a854587cc4766e5edff21f73182c483f7411eff..79a2dff40450d24eb2da78b3cf21a75856cb1875 100644 --- a/config.py.example +++ b/config.py.example @@ -62,7 +62,7 @@ SESSION_PROTECTION = "strong" # do not change # authentication SECURITY_KEY = "some other random string" # change this AUTH_MAX_DURATION = 300 -from auth import LdapManager, ADManager +from auth import LdapManager, ADManager, StaticUserManager AUTH_BACKENDS = [ LdapManager( host="ldap.example.com", @@ -73,7 +73,13 @@ AUTH_BACKENDS = [ domain="EXAMPLE", user_dn="cn=users,dc=example,dc=com", group_dn="dc=example,dc=com", - ca_cert="/etc/ssl/certs/example-ca.pem") + ca_cert="/etc/ssl/certs/example-ca.pem"), + StaticUserManager( + users=( + ("username", "password", ("group1", "group2")), + ("testuser", "abc123", ("group1")), + ) + ) ] OBSOLETION_WARNING = """Please migrate your account!""" # not important
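Review bot: In auth.py, `StaticUserManager.__init__` assigns `self.groups`, which shadows the `groups()` method on every instance, so a call to `groups(username)` would fail because a dict is not callable. `all_groups()` also reads a bare `groups` name (a NameError at call time), and it would collect each user's group tuple rather than the individual group names. Separately, `authenticate()` compares plaintext passwords with `==`, which is not constant-time; `hmac` is already used in this file, so `hmac.compare_digest` on the encoded values is a cheap improvement, and storing salted hashes instead of plaintext would be better still. The fence renames the mapping to `self._groups` and rewrites the three methods; the `self.passwords` comprehension stays as it is.

```python
class StaticUserManager:
    def __init__(self, users):
        # … unchanged: self.passwords mapping …
        self._groups = {
            username: groups
            for (username, password, groups) in users
        }

    def authenticate(self, username, password):
        expected = self.passwords.get(username)
        if expected is None:
            return False
        # constant-time comparison; bytes so non-ASCII passwords are accepted
        return hmac.compare_digest(
            expected.encode("utf-8"), password.encode("utf-8"))

    def groups(self, username, password=None):
        yield from self._groups.get(username, ())

    def all_groups(self):
        return list({
            group
            for user_groups in self._groups.values()
            for group in user_groups
        })
```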
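Review bot: In config.py.example, `("group1")` in the `testuser` entry is a parenthesised string, not a one-element tuple, so the backend's `yield from self.groups[username]` would iterate its characters and report groups `g`, `r`, `o`, … instead of `group1`. The entry should read `("testuser", "abc123", ("group1",)),`. The example also ships usable plaintext credentials without the `# change this` marker that `SECURITY_KEY` carries a few lines up, so a config copied as-is would accept `username`/`password`. Consider a comment such as `# example only: remove or replace before deployment` on the `StaticUserManager(` line. The `AUTH_BACKENDS` list starts outside this hunk.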