Commit 5d160889 authored by Andreas Valder's avatar Andreas Valder
Browse files

moved ldap stuff from db.py to ldap.py closes #343

parent 170a7a86
from server import * from server import *
import re
if config['DB_ENGINE'] == 'sqlite': if config['DB_ENGINE'] == 'sqlite':
import sqlite3 import sqlite3
...@@ -25,7 +24,6 @@ if config['DB_ENGINE'] == 'sqlite': ...@@ -25,7 +24,6 @@ if config['DB_ENGINE'] == 'sqlite':
cur = db.cursor() cur = db.cursor()
if config['SQLITE_INIT_SCHEMA']: if config['SQLITE_INIT_SCHEMA']:
cur.executescript(open(config['DB_SCHEMA']).read()) cur.executescript(open(config['DB_SCHEMA']).read())
if config['SQLITE_INIT_DATA'] and created:
cur.executescript(open(config['DB_DATA']).read()) cur.executescript(open(config['DB_DATA']).read())
db.commit() db.commit()
db.close() db.close()
...@@ -144,31 +142,3 @@ def searchquery(text, columns, match, tables, suffix, *suffixparams): ...@@ -144,31 +142,3 @@ def searchquery(text, columns, match, tables, suffix, *suffixparams):
return [] return []
expr = 'SELECT *,SUM(_prio) AS _score FROM (%s) AS _tmp %s'%(' UNION '.join(subexprs), suffix) expr = 'SELECT *,SUM(_prio) AS _score FROM (%s) AS _tmp %s'%(' UNION '.join(subexprs), suffix)
return query(expr, *(list(params)+list(suffixparams))) return query(expr, *(list(params)+list(suffixparams)))
LDAP_USERRE = re.compile(r'[^a-z0-9]')
if 'LDAP_HOST' in config:
import ldap3
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
try:
conn = ldap3.Connection(ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True), 'fsmpi\\%s'%user, password, auto_bind=True, check_names=False)
except ldap3.core.exceptions.LDAPBindError:
return {}, []
conn.search("cn=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(cn=%s)"%user, attributes=['memberOf', 'givenName', 'sn'])
info = {'uid': user, 'givenName': conn.response[0]['attributes']['givenName'][0], 'sn': conn.response[0]['attributes']['sn'][0]}
groups = [g.split(',')[0].split('=')[-1] for g in conn.response[0]['attributes']['memberOf']]
conn.unbind()
return info, groups
else:
notldap = {
'videoag':('videoag', ['fachschaft','videoag'], {'uid': 'videoag', 'givenName': 'Video', 'sn': 'Geier'}),
'gustav':('passwort', ['fachschaft'], {'uid': 'gustav', 'givenName': 'Gustav', 'sn': 'Geier'})
}
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
if config.get('DEBUG') and user in notldap and password == notldap[user][0]:
return notldap[user][2], notldap[user][1]
return {}, []
from server import *
import re
LDAP_USERRE = re.compile(r'[^a-z0-9]')
if 'LDAP_HOST' in config:
import ldap3
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
try:
conn = ldap3.Connection(ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True), 'fsmpi\\%s'%user, password, auto_bind=True, check_names=False)
except ldap3.core.exceptions.LDAPBindError:
return {}, []
conn.search("cn=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(cn=%s)"%user, attributes=['memberOf', 'givenName', 'sn'])
info = {'uid': user, 'givenName': conn.response[0]['attributes']['givenName'][0], 'sn': conn.response[0]['attributes']['sn'][0]}
groups = [g.split(',')[0].split('=')[-1] for g in conn.response[0]['attributes']['memberOf']]
conn.unbind()
return info, groups
else:
notldap = {
'videoag':('videoag', ['fachschaft','videoag'], {'uid': 'videoag', 'givenName': 'Video', 'sn': 'Geier'}),
'gustav':('passwort', ['fachschaft'], {'uid': 'gustav', 'givenName': 'Gustav', 'sn': 'Geier'})
}
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
if config.get('DEBUG') and user in notldap and password == notldap[user][0]:
return notldap[user][2], notldap[user][1]
return {}, []
...@@ -72,7 +72,8 @@ app.jinja_env.globals['gitversion'] = { 'hash': output[1], 'longhash': output[0] ...@@ -72,7 +72,8 @@ app.jinja_env.globals['gitversion'] = { 'hash': output[1], 'longhash': output[0]
if not config.get('SECRET_KEY', None): if not config.get('SECRET_KEY', None):
config['SECRET_KEY'] = os.urandom(24) config['SECRET_KEY'] = os.urandom(24)
from db import query, modify, show, searchquery, ldapauth from db import query, modify, show, searchquery
from ldap import ldapauth
mod_endpoints = [] mod_endpoints = []
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment