Merge pull request #37 from xbulat/master

Ldap_filter and login page setting
Khanh Ngo 2016-04-29 17:36:39 +07:00
commit 283822eef0
4 changed files with 23 additions and 4 deletions


@ -20,6 +20,8 @@ if 'LDAP_TYPE' in app.config.keys():
LDAP_PASSWORD = app.config['LDAP_PASSWORD'] LDAP_PASSWORD = app.config['LDAP_PASSWORD']
LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE'] LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
LDAP_TYPE = app.config['LDAP_TYPE'] LDAP_TYPE = app.config['LDAP_TYPE']
LDAP_FILTER = app.config['LDAP_FILTER']
LDAP_USERNAMEFIELD = app.config['LDAP_USERNAMEFIELD']
else: else:
LDAP_TYPE = False LDAP_TYPE = False
@ -155,7 +157,8 @@ class User(db.Model):
return False return False
if LDAP_TYPE == 'ldap': if LDAP_TYPE == 'ldap':
searchFilter = "cn=%s" % self.username searchFilter = "(&(%s=%s)%s)" % (LDAP_USERNAMEFIELD, self.username, LDAP_FILTER)
logging.info('Ldap searchFilter "%s"' % searchFilter)
else: else:
searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username
try: try:
@ -188,6 +191,7 @@ class User(db.Model):
# this might be changed in the future # this might be changed in the future
self.firstname = result[0][0][1]['givenName'][0] self.firstname = result[0][0][1]['givenName'][0]
self.lastname = result[0][0][1]['sn'][0] self.lastname = result[0][0][1]['sn'][0]
self.email = result[0][0][1]['mail'][0]
except: except:
self.firstname = self.username self.firstname = self.username
self.lastname = '' self.lastname = ''
@ -214,7 +218,7 @@ class User(db.Model):
We will create a local user (in DB) in order to manage user We will create a local user (in DB) in order to manage user
profile such as name, roles,... profile such as name, roles,...
""" """
user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id) user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id, email=self.email)
db.session.add(user) db.session.add(user)
db.session.commit() db.session.commit()
# assgine user_id to current_user after create in the DB # assgine user_id to current_user after create in the DB
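Review bot: In the `LDAP_TYPE == 'ldap'` branch, `self.username` is formatted into `searchFilter` without escaping, so any LDAP filter metacharacters in a submitted login name become part of the query instead of being matched literally. If this module uses python-ldap, which the result indexing suggests but the hunk does not show, escape the value first: `searchFilter = "(&(%s=%s)%s)" % (LDAP_USERNAMEFIELD, ldap.filter.escape_filter_chars(self.username), LDAP_FILTER)`. The unchanged Active Directory branch two lines below formats the username the same way and needs the same treatment. The added `logging.info` call writes the assembled filter, including the login name, on every attempt; `logging.debug` would be a better level for it. The enclosing method starts and ends outside the hunk.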


@ -50,7 +50,7 @@
<div class="content"> <div class="content">
<!-- BEGIN LOGIN FORM --> <!-- BEGIN LOGIN FORM -->
<form class="login-form" action="" method="post"> <form class="login-form" action="" method="post">
<h3 class="form-title">Sign In</h3> <h3 class="form-title">Sign In {{ login_title }}</h3>
{% if error %} {% if error %}
<div class="alert alert-danger"> <div class="alert alert-danger">
<button class="close" data-close="alert"></button> <button class="close" data-close="alert"></button>
@ -74,7 +74,9 @@
</div> </div>
<div class="form-group"> <div class="form-group">
<select class="form-control" name="auth_method"> <select class="form-control" name="auth_method">
{% if basic_enabled %}
<option value="LOCAL">Default Authentication</option> <option value="LOCAL">Default Authentication</option>
{% endif %}
{% if ldap_enabled %} {% if ldap_enabled %}
<option value="LDAP">LDAP Authentication</option> <option value="LDAP">LDAP Authentication</option>
{% endif %} {% endif %}
@ -86,11 +88,13 @@
<input type="checkbox" name="remember" value="1"/>Remember </label> <input type="checkbox" name="remember" value="1"/>Remember </label>
<a href="javascript:;" id="forget-password" class="forget-password">Forgot Password?</a> <a href="javascript:;" id="forget-password" class="forget-password">Forgot Password?</a>
</div> </div>
{% if signup_enabled %}
<div class="create-account"> <div class="create-account">
<p> <p>
<a href="javascript:;" id="register-btn" class="uppercase">Create an account</a> <a href="javascript:;" id="register-btn" class="uppercase">Create an account</a>
</p> </p>
</div> </div>
{% endif %}
</form> </form>
<!-- END LOGIN FORM --> <!-- END LOGIN FORM -->
<!-- BEGIN FORGOT PASSWORD FORM --> <!-- BEGIN FORGOT PASSWORD FORM -->
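Review bot: The `{% if basic_enabled %}` and `{% if signup_enabled %}` blocks only remove the controls from the rendered page; they do not stop the server from accepting a request for a disabled method. The POST path of `login()` and the registration handler are outside the visible hunks, so confirm they check the same settings, for example by rejecting an `auth_method` other than `LDAP` when `BASIC_ENABLED` is false. Also, when both `basic_enabled` and `ldap_enabled` are false, the `<select name="auth_method">` renders with no options.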


@ -66,7 +66,10 @@ def login():
if request.method == 'GET': if request.method == 'GET':
LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
return render_template('login.html', ldap_enabled=LDAP_ENABLED) LOGIN_TITLE = app.config['LOGIN_TITLE'] if 'LOGIN_TITLE' in app.config.keys() else ''
BASIC_ENABLED = app.config['BASIC_ENABLED']
SIGNUP_ENABLED = app.config['SIGNUP_ENABLED']
return render_template('login.html', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
# process login # process login
username = request.form['username'] username = request.form['username']
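Review bot: `BASIC_ENABLED` and `SIGNUP_ENABLED` are read with `app.config['...']`, so a deployment whose config file predates this commit raises `KeyError` on every GET of the login page, while `LOGIN_TITLE` on the line above falls back to `''`. Reading them the same tolerant way keeps upgrades working: `BASIC_ENABLED = app.config.get('BASIC_ENABLED', True)` and `SIGNUP_ENABLED = app.config.get('SIGNUP_ENABLED', True)`. The existing line could be shortened the same way with `LOGIN_TITLE = app.config.get('LOGIN_TITLE', '')`. `login()` continues past the end of the hunk.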


@ -6,6 +6,7 @@ WTF_CSRF_ENABLED = True
SECRET_KEY = 'We are the world' SECRET_KEY = 'We are the world'
BIND_ADDRESS = '127.0.0.1' BIND_ADDRESS = '127.0.0.1'
PORT = 9393 PORT = 9393
LOGIN_TITLE = "PDNS"
# TIMEOUT - for large zones # TIMEOUT - for large zones
TIMEOUT = 10 TIMEOUT = 10
@ -28,6 +29,13 @@ LDAP_URI = 'ldaps://your-ldap-server:636'
LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me' LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me'
LDAP_PASSWORD = 'dnsuser' LDAP_PASSWORD = 'dnsuser'
LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me' LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me'
# Additional options only if LDAP_TYPE=ldap
LDAP_USERNAMEFIELD = 'uid'
LDAP_FILTER = '(objectClass=inetorgperson)'
#Default Auth
BASIC_ENABLED = True
SIGNUP_ENABLED = True
# POWERDNS CONFIG # POWERDNS CONFIG
PDNS_STATS_URL = 'http://172.16.214.131:8081/' PDNS_STATS_URL = 'http://172.16.214.131:8081/'
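Review bot: The comment `# Additional options only if LDAP_TYPE=ldap` does not match how the keys are read: the first file in this commit loads `LDAP_FILTER` and `LDAP_USERNAMEFIELD` whenever `LDAP_TYPE` is present, so a config with a different `LDAP_TYPE` that omits them fails with `KeyError` when that module is imported. I would reword it to `# Must be defined whenever LDAP_TYPE is set; only used when LDAP_TYPE = 'ldap'` and add `# LDAP_FILTER must be a complete parenthesised filter; it is placed inside (&...)`. `#Default Auth` could also say what each switch does, e.g. `# BASIC_ENABLED: offer local (database) login; SIGNUP_ENABLED: show the "Create an account" link`.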