From f45e693a93bbf41c200a530a83855590af4e027c Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Sat, 8 Oct 2016 14:07:37 +0200
Subject: [PATCH] Added l2p and rwth-intern auth checks

---
 db_schema.sql | 1 +
 server.py     | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/db_schema.sql b/db_schema.sql
index 65b7cf8..7a53139 100644
--- a/db_schema.sql
+++ b/db_schema.sql
@@ -112,6 +112,7 @@ CREATE TABLE IF NOT EXISTS `auth_data` (
 	`lecture_id` INTEGER,
 	`video_id` INTEGER,
 	`auth_type` varchar(10),
+	`auth_param` varchar(127),
 	`auth_user` varchar(127),
 	`auth_passwd` varchar(127),
 	`time_created` datetime NOT NULL,
diff --git a/server.py b/server.py
index 39af4c4..7e4da7c 100644
--- a/server.py
+++ b/server.py
@@ -388,6 +388,14 @@ def auth(): # For use with nginx auth_request
 			if auth and video['auth_user'] == auth.username and video['auth_passwd'] == auth.password:
 				allowed = True
 				break
+		elif video['auth_type'] == 'l2p':
+			if video['auth_param'] in session.get('l2p_courses', []):
+				allowed = True
+				break
+		elif video['auth_type'] == 'rwth':
+			if session.get('rwthintern', False):
+				allowed = True
+				break
 	if not types[0] or allowed or ismod() or \
 			(auth and check_mod(*ldapauth(auth.username, auth.password))):
 		return 'OK', 200
-- 
GitLab