insert into db
connect via LDAP config
parent
8d284b151d
commit
91f0908059
|
@ -47,8 +47,6 @@ SIDEBAR_PUBLISHER = 4096
|
||||||
DEFAULT_PASS = "admin123"
|
DEFAULT_PASS = "admin123"
|
||||||
DEFAULT_PORT = int(os.environ.get("CALIBRE_PORT", 8083))
|
DEFAULT_PORT = int(os.environ.get("CALIBRE_PORT", 8083))
|
||||||
|
|
||||||
LDAP_PROVIDER_URL = 'ldap://localhost:389/'
|
|
||||||
LDAP_PROTOCOL_VERSION = 3
|
|
||||||
|
|
||||||
class UserBase:
|
class UserBase:
|
||||||
|
|
||||||
|
@ -155,9 +153,12 @@ class UserBase:
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
return '<User %r>' % self.nickname
|
return '<User %r>' % self.nickname
|
||||||
|
|
||||||
|
#Login via LDAP method
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def try_login(username, password):
|
def try_login(username, password):
|
||||||
conn = get_ldap_connection()
|
conn = get_ldap_connection()
|
||||||
|
print "bind : {}".format(config.config_ldap_dn)
|
||||||
|
print "replace :{}".format(config.config_ldap_dn.replace("%s", username))
|
||||||
conn.simple_bind_s(
|
conn.simple_bind_s(
|
||||||
'uid={},ou=users,dc=yunohost,dc=org'.format(username),
|
'uid={},ou=users,dc=yunohost,dc=org'.format(username),
|
||||||
password
|
password
|
||||||
|
@ -803,7 +804,8 @@ else:
|
||||||
|
|
||||||
#get LDAP connection
|
#get LDAP connection
|
||||||
def get_ldap_connection():
|
def get_ldap_connection():
|
||||||
conn = ldap.initialize(LDAP_PROVIDER_URL)
|
print "login to LDAP server ldap://{}".format(config.config_ldap_provider_url)
|
||||||
|
conn = ldap.initialize('ldap://{}'.format(config.config_ldap_provider_url))
|
||||||
return conn
|
return conn
|
||||||
|
|
||||||
# Generate global Settings Object accessible from every file
|
# Generate global Settings Object accessible from every file
|
||||||
|
|
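Review bot: In `try_login` the two added `print` lines show `config.config_ldap_dn` with the username substituted, but the `simple_bind_s` call after them still binds with the hard-coded `'uid={},ou=users,dc=yunohost,dc=org'`, so the DN saved in the configuration is never used for authentication. The username is formatted into the DN unescaped, and nothing rejects an empty password, which turns a simple bind into an unauthenticated bind that many directory servers accept as success. Reject an empty password before the bind and build the DN as `config.config_ldap_dn.replace("%s", ldap.dn.escape_dn_chars(username))`. The `print` statements should become logger calls or be dropped. In `get_ldap_connection` the scheme is fixed to `ldap://`, so the bind password travels in clear text unless `conn.start_tls_s()` is called or an `ldaps://` URL is allowed; the body of `try_login` continues outside the hunk.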
20
cps/web.py
20
cps/web.py
|
@ -2343,16 +2343,15 @@ def login():
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
form = request.form.to_dict()
|
form = request.form.to_dict()
|
||||||
user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == form['username'].strip().lower()).first()
|
user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == form['username'].strip().lower()).first()
|
||||||
|
if config.config_use_ldap and ub.User.try_login(form['username'], form['password']):
|
||||||
try:
|
try:
|
||||||
app.logger.info("Tryong LDAP connexion")
|
|
||||||
ub.User.try_login(form['username'], form['password'])
|
|
||||||
login_user(user, remember=True)
|
login_user(user, remember=True)
|
||||||
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
|
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
|
||||||
return redirect_back(url_for("index"))
|
return redirect_back(url_for("index"))
|
||||||
except ldap.INVALID_CREDENTIALS:
|
except ldap.INVALID_CREDENTIALS:
|
||||||
ipAdress = request.headers.get('X-Forwarded-For', request.remote_addr)
|
ipAdress = request.headers.get('X-Forwarded-For', request.remote_addr)
|
||||||
app.logger.info('LDAP Login failed for user "' + form['username'] + '" IP-adress: ' + ipAdress)
|
app.logger.info('LDAP Login failed for user "' + form['username'] + '" IP-adress: ' + ipAdress)
|
||||||
if user and check_password_hash(user.password, form['password']) and user.nickname is not "Guest" and not user.is_authenticated:
|
elif user and check_password_hash(user.password, form['password']) and user.nickname is not "Guest" and not user.is_authenticated:
|
||||||
login_user(user, remember=True)
|
login_user(user, remember=True)
|
||||||
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
|
flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
|
||||||
return redirect_back(url_for("index"))
|
return redirect_back(url_for("index"))
|
||||||
|
@ -3075,6 +3074,21 @@ def configuration_helper(origin):
|
||||||
if "config_ebookconverter" in to_save:
|
if "config_ebookconverter" in to_save:
|
||||||
content.config_ebookconverter = int(to_save["config_ebookconverter"])
|
content.config_ebookconverter = int(to_save["config_ebookconverter"])
|
||||||
|
|
||||||
|
#LDAP configuratop,
|
||||||
|
if "config_use_ldap" in to_save and to_save["config_use_ldap"] == "on":
|
||||||
|
if not "config_ldap_provider_url" in to_save or not "content.config_ldap_dn" in to_save:
|
||||||
|
ub.session.commit()
|
||||||
|
flash(_(u'Please enter a LDAP provider and a DN'), category="error")
|
||||||
|
return render_title_template("config_edit.html", content=config, origin=origin,
|
||||||
|
gdrive=gdriveutils.gdrive_support, gdriveError=gdriveError,
|
||||||
|
goodreads=goodreads_support, title=_(u"Basic Configuration"),
|
||||||
|
page="config")
|
||||||
|
else:
|
||||||
|
content.config_use_ldap = 1
|
||||||
|
content.config_ldap_provider_url = to_save["config_ldap_provider_url"]
|
||||||
|
content.config_ldap_dn = to_save["config_ldap_dn"]
|
||||||
|
db_change = True
|
||||||
|
|
||||||
# Remote login configuration
|
# Remote login configuration
|
||||||
content.config_remote_login = ("config_remote_login" in to_save and to_save["config_remote_login"] == "on")
|
content.config_remote_login = ("config_remote_login" in to_save and to_save["config_remote_login"] == "on")
|
||||||
if not content.config_remote_login:
|
if not content.config_remote_login:
|
||||||
|
|
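Review bot: In `login()` the call to `ub.User.try_login(...)` now sits in the `if` condition, ahead of the `try:`, so as far as the flattened layout shows, an `ldap.INVALID_CREDENTIALS` raised for a wrong password is no longer caught by the `except` below and the failed attempt is not logged. The branch also calls `login_user(user, remember=True)` without checking that `user` was found locally, and it skips the `"Guest"` check that the password branch has; `if config.config_use_ldap and user and user.nickname != "Guest":` with the `try_login` call moved inside the `try:` would cover all three. The condition also relies on `try_login` returning a truthy value on success, which is not visible on this page. In `configuration_helper` the guard tests `"content.config_ldap_dn" in to_save` while the value is read from `to_save["config_ldap_dn"]`, so the error branch probably always fires; the key should be `"config_ldap_dn"`.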