Commit f0a12836 authored by Robin Sonnabend's avatar Robin Sonnabend
Browse files

Add static user backend for testing purposes

parent a99ed85f
...@@ -135,6 +135,30 @@ class ADManager: ...@@ -135,6 +135,30 @@ class ADManager:
for result in reader.search(): for result in reader.search():
yield result.name.value yield result.name.value
class StaticUserManager:
def __init__(self, users):
self.passwords = {
username: password
for (username, password, groups) in users
}
self.groups = {
username: groups
for (username, password, groups) in users
}
def authenticate(self, username, password):
return (username in self.passwords
and self.passwords[username] == password)
def groups(self, username, password=None):
if username in self.groups:
yield from self.groups[username]
def all_groups(self):
return list(set(group for group in groups.values()))
class SecurityManager: class SecurityManager:
def __init__(self, key, max_duration=300): def __init__(self, key, max_duration=300):
self.maccer = hmac.new(key.encode("utf-8"), digestmod=hashlib.sha512) self.maccer = hmac.new(key.encode("utf-8"), digestmod=hashlib.sha512)
......
...@@ -62,7 +62,7 @@ SESSION_PROTECTION = "strong" # do not change ...@@ -62,7 +62,7 @@ SESSION_PROTECTION = "strong" # do not change
# authentication # authentication
SECURITY_KEY = "some other random string" # change this SECURITY_KEY = "some other random string" # change this
AUTH_MAX_DURATION = 300 AUTH_MAX_DURATION = 300
from auth import LdapManager, ADManager from auth import LdapManager, ADManager, StaticUserManager
AUTH_BACKENDS = [ AUTH_BACKENDS = [
LdapManager( LdapManager(
host="ldap.example.com", host="ldap.example.com",
...@@ -73,7 +73,13 @@ AUTH_BACKENDS = [ ...@@ -73,7 +73,13 @@ AUTH_BACKENDS = [
domain="EXAMPLE", domain="EXAMPLE",
user_dn="cn=users,dc=example,dc=com", user_dn="cn=users,dc=example,dc=com",
group_dn="dc=example,dc=com", group_dn="dc=example,dc=com",
ca_cert="/etc/ssl/certs/example-ca.pem") ca_cert="/etc/ssl/certs/example-ca.pem"),
StaticUserManager(
users=(
("username", "password", ("group1", "group2")),
("testuser", "abc123", ("group1")),
)
)
] ]
OBSOLETION_WARNING = """Please migrate your account!""" # not important OBSOLETION_WARNING = """Please migrate your account!""" # not important
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment