cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2024-11-12 16:40:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into new_ui

Browse Source 
- Fixed conflicts in login.html
- Fixed bug that would switch auth_method after the first failed login
attempt.
This commit is contained in:
Ivan Filippov 2016-04-29 12:26:10 -06:00
commit 7c5814beed
4 changed files with 38 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/models.py
View File

@ -20,6 +20,8 @@ if 'LDAP_TYPE' in app.config.keys():
LDAP_PASSWORD = app.config['LDAP_PASSWORD'] LDAP_PASSWORD = app.config['LDAP_PASSWORD']
LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE'] LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
LDAP_TYPE = app.config['LDAP_TYPE'] LDAP_TYPE = app.config['LDAP_TYPE']
LDAP_FILTER = app.config['LDAP_FILTER']
LDAP_USERNAMEFIELD = app.config['LDAP_USERNAMEFIELD']
else: else:
LDAP_TYPE = False LDAP_TYPE = False
@ -155,7 +157,8 @@ class User(db.Model):
return False return False
if LDAP_TYPE == 'ldap': if LDAP_TYPE == 'ldap':
searchFilter = "cn=%s" % self.username searchFilter = "(&(%s=%s)%s)" % (LDAP_USERNAMEFIELD, self.username, LDAP_FILTER)
logging.info('Ldap searchFilter "%s"' % searchFilter)
else: else:
searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username
try: try:
@ -188,6 +191,7 @@ class User(db.Model):
# this might be changed in the future # this might be changed in the future
self.firstname = result[0][0][1]['givenName'][0] self.firstname = result[0][0][1]['givenName'][0]
self.lastname = result[0][0][1]['sn'][0] self.lastname = result[0][0][1]['sn'][0]
self.email = result[0][0][1]['mail'][0]
except: except:
self.firstname = self.username self.firstname = self.username
self.lastname = '' self.lastname = ''
@ -214,7 +218,7 @@ class User(db.Model):
We will create a local user (in DB) in order to manage user We will create a local user (in DB) in order to manage user
profile such as name, roles,... profile such as name, roles,...
""" """
user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id) user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id, email=self.email)
db.session.add(user) db.session.add(user)
db.session.commit() db.session.commit()
# assgine user_id to current_user after create in the DB # assgine user_id to current_user after create in the DB

18
app/templates/login.html
View File

@ -27,7 +27,7 @@
<body class="hold-transition login-page"> <body class="hold-transition login-page">
<div class="login-box"> <div class="login-box">
<div class="login-logo"> <div class="login-logo">
<a href="{{ url_for('index') }}"><b>PowerDNS</b>-Admin</a> <a href="{{ url_for('index') }}">Sign In {{ login_title }}</a>
</div> </div>
<!-- /.login-logo --> <!-- /.login-logo -->
<div class="login-box-body"> <div class="login-box-body">
@ -56,18 +56,26 @@
<span class="glyphicon glyphicon-lock form-control-feedback"></span> <span class="glyphicon glyphicon-lock form-control-feedback"></span>
</div> </div>
{% if ldap_enabled %} {% if ldap_enabled and basic_enabled %}
<div class="form-group"> <div class="form-group">
<select class="form-control" name="auth_method"> <select class="form-control" name="auth_method">
<option value="LOCAL">Local Authentication</option> <option value="LOCAL">LOCAL Authentication</option>
<option value="LDAP">LDAP Authentication</option> <option value="LDAP">LDAP Authentication</option>
</select> </select>
</div> </div>
{% else %} {% elif ldap_enabled and not basic_enabled %}
<div class="form-group">
<input type="hidden" name="auth_method" value="LDAP">
</div>
{% elif basic_enabled and not ldap_enabled %}
<div class="form-group"> <div class="form-group">
<input type="hidden" name="auth_method" value="LOCAL"> <input type="hidden" name="auth_method" value="LOCAL">
</div> </div>
{% endif %} {% else %}
<div class="form-group">
<input type="hidden" name="auth_method" value="LOCAL">
</div>
{% endif %}
<div class="row"> <div class="row">
<div class="col-xs-8"> <div class="col-xs-8">

14
app/views.py
View File

@ -63,13 +63,17 @@ def register():
@app.route('/login', methods=['GET', 'POST']) @app.route('/login', methods=['GET', 'POST'])
@login_manager.unauthorized_handler @login_manager.unauthorized_handler
def login(): def login():
# these parameters will be needed in multiple paths
LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
LOGIN_TITLE = app.config['LOGIN_TITLE'] if 'LOGIN_TITLE' in app.config.keys() else ''
BASIC_ENABLED = app.config['BASIC_ENABLED']
SIGNUP_ENABLED = app.config['SIGNUP_ENABLED']
if g.user is not None and current_user.is_authenticated: if g.user is not None and current_user.is_authenticated:
return redirect(url_for('dashboard')) return redirect(url_for('dashboard'))
if request.method == 'GET': if request.method == 'GET':
LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False return render_template('login.html', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
return render_template('login.html', ldap_enabled=LDAP_ENABLED)
# process login # process login
username = request.form['username'] username = request.form['username']
@ -93,10 +97,10 @@ def login():
try: try:
auth = user.is_validate(method=auth_method) auth = user.is_validate(method=auth_method)
if auth == False: if auth == False:
return render_template('login.html', error='Invalid credentials') return render_template('login.html', error='Invalid credentials', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
except Exception, e: except Exception, e:
error = e.message['desc'] if 'desc' in e.message else e error = e.message['desc'] if 'desc' in e.message else e
return render_template('login.html', error=error) return render_template('login.html', error=error, ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
login_user(user, remember = remember_me) login_user(user, remember = remember_me)
return redirect(request.args.get('next') or url_for('index')) return redirect(request.args.get('next') or url_for('index'))
@ -113,7 +117,7 @@ def login():
try: try:
result = user.create_local_user() result = user.create_local_user()
if result == True: if result == True:
return render_template('login.html', username=username, password=password) return render_template('login.html', username=username, password=password, ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)
else: else:
return render_template('register.html', error=result) return render_template('register.html', error=result)
except Exception, e: except Exception, e:

8
config_template.py
View File

@ -6,6 +6,7 @@ WTF_CSRF_ENABLED = True
SECRET_KEY = 'We are the world' SECRET_KEY = 'We are the world'
BIND_ADDRESS = '127.0.0.1' BIND_ADDRESS = '127.0.0.1'
PORT = 9393 PORT = 9393
LOGIN_TITLE = "PDNS"
# TIMEOUT - for large zones # TIMEOUT - for large zones
TIMEOUT = 10 TIMEOUT = 10
@ -28,6 +29,13 @@ LDAP_URI = 'ldaps://your-ldap-server:636'
LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me' LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me'
LDAP_PASSWORD = 'dnsuser' LDAP_PASSWORD = 'dnsuser'
LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me' LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me'
# Additional options only if LDAP_TYPE=ldap
LDAP_USERNAMEFIELD = 'uid'
LDAP_FILTER = '(objectClass=inetorgperson)'
#Default Auth
BASIC_ENABLED = True
SIGNUP_ENABLED = True
# POWERDNS CONFIG # POWERDNS CONFIG
PDNS_STATS_URL = 'http://172.16.214.131:8081/' PDNS_STATS_URL = 'http://172.16.214.131:8081/'