Merge branch 'master' into new_ui

- Fixed conflicts in login.html
- Fixed bug that would switch auth_method after the first failed login
attempt.

app/models.py

@@ -20,6 +20,8 @@ if 'LDAP_TYPE' in app.config.keys():
     LDAP_PASSWORD = app.config['LDAP_PASSWORD']
     LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
     LDAP_TYPE = app.config['LDAP_TYPE']
+    LDAP_FILTER = app.config['LDAP_FILTER']
+    LDAP_USERNAMEFIELD = app.config['LDAP_USERNAMEFIELD']
 else:
     LDAP_TYPE = False
 
@@ -155,7 +157,8 @@ class User(db.Model):
                 return False
 
             if LDAP_TYPE == 'ldap':
-              searchFilter = "cn=%s" % self.username
+              searchFilter = "(&(%s=%s)%s)" % (LDAP_USERNAMEFIELD, self.username, LDAP_FILTER)
+              logging.info('Ldap searchFilter "%s"' % searchFilter)
             else:
               searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username
             try:
@@ -188,6 +191,7 @@ class User(db.Model):
                             # this might be changed in the future
                             self.firstname = result[0][0][1]['givenName'][0]
                             self.lastname = result[0][0][1]['sn'][0]
+                            self.email = result[0][0][1]['mail'][0]
                         except:
                             self.firstname = self.username
                             self.lastname = ''
@@ -214,7 +218,7 @@ class User(db.Model):
         We will create a local user (in DB) in order to manage user
         profile such as name, roles,...
         """
-        user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id)
+        user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id, email=self.email)
         db.session.add(user)
         db.session.commit()
         # assgine user_id to current_user after create in the DB

app/templates/login.html

@@ -27,7 +27,7 @@
 <body class="hold-transition login-page">
 <div class="login-box">
   <div class="login-logo">
-    <a href="{{ url_for('index') }}"><b>PowerDNS</b>-Admin</a>
+    <a href="{{ url_for('index') }}">Sign In {{ login_title }}</a>
   </div>
   <!-- /.login-logo -->
   <div class="login-box-body">
@@ -56,18 +56,26 @@
         <span class="glyphicon glyphicon-lock form-control-feedback"></span>
       </div>
 				
-                		{% if ldap_enabled %}
+						{% if ldap_enabled and basic_enabled %}
                 		<div class="form-group">
 							<select class="form-control" name="auth_method">
-								<option value="LOCAL">Local Authentication</option>
+                				<option value="LOCAL">LOCAL Authentication</option>
                 				<option value="LDAP">LDAP Authentication</option>
                 			</select>
 						</div>			
-                		{% else %}
-                		<div class="form-group">
-                			<input type="hidden" name="auth_method" value="LOCAL">
+						{% elif ldap_enabled and not basic_enabled %}
+						<div class="form-group">
+                			<input type="hidden" name="auth_method" value="LDAP">                			
 						</div>
-                		{% endif %}
+                		{% elif basic_enabled and not ldap_enabled %}
+                		<div class="form-group">
+                			<input type="hidden" name="auth_method" value="LOCAL">                			
+						</div>
+						{% else %}
+						<div class="form-group">
+                			<input type="hidden" name="auth_method" value="LOCAL">                			
+						</div>
+						{% endif %}
 					
      <div class="row">
         <div class="col-xs-8">

app/views.py

@@ -63,13 +63,17 @@ def register():
 @app.route('/login', methods=['GET', 'POST'])
 @login_manager.unauthorized_handler
 def login():
+    # these parameters will be needed in multiple paths
+    LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
+    LOGIN_TITLE = app.config['LOGIN_TITLE'] if 'LOGIN_TITLE' in app.config.keys() else ''
+    BASIC_ENABLED = app.config['BASIC_ENABLED']
+    SIGNUP_ENABLED = app.config['SIGNUP_ENABLED']
 
     if g.user is not None and current_user.is_authenticated:
         return redirect(url_for('dashboard'))
 
     if request.method == 'GET':
-        LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
-        return render_template('login.html', ldap_enabled=LDAP_ENABLED)
+        return render_template('login.html', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
     
     # process login
     username = request.form['username']
@@ -93,10 +97,10 @@ def login():
         try:
             auth = user.is_validate(method=auth_method)
             if auth == False:
-                return render_template('login.html', error='Invalid credentials')
+                return render_template('login.html', error='Invalid credentials', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
         except Exception, e:
             error = e.message['desc'] if 'desc' in e.message else e
-            return render_template('login.html', error=error)
+            return render_template('login.html', error=error, ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
 
         login_user(user, remember = remember_me)
         return redirect(request.args.get('next') or url_for('index'))
@@ -113,7 +117,7 @@ def login():
         try:
             result = user.create_local_user()
             if result == True:
-                return render_template('login.html', username=username, password=password)
+                return render_template('login.html', username=username, password=password, ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
             else:
                 return render_template('register.html', error=result)
         except Exception, e: