diff --git a/app/lib/utils.py b/app/lib/utils.py
index 888b4d1..f43ae17 100644
--- a/app/lib/utils.py
+++ b/app/lib/utils.py
@@ -5,7 +5,10 @@ import requests
import urlparse
from app import app
-TIMEOUT = app.config['TIMEOUT']
+if 'TIMEOUT' in app.config.keys():
+ TIMEOUT = app.config['TIMEOUT']
+else:
+ TIMEOUT = 10
def auth_from_url(url):
auth = None
diff --git a/app/models.py b/app/models.py
index 2af7e6a..805e198 100644
--- a/app/models.py
+++ b/app/models.py
@@ -19,10 +19,18 @@ LDAP_USERNAME = app.config['LDAP_USERNAME']
LDAP_PASSWORD = app.config['LDAP_PASSWORD']
LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
LDAP_TYPE = app.config['LDAP_TYPE']
-LDAP_GROUP_SECURITY = app.config['LDAP_GROUP_SECURITY']
-if LDAP_GROUP_SECURITY == True:
- LDAP_ADMIN_GROUP = app.config['LDAP_ADMIN_GROUP']
- LDAP_USER_GROUP = app.config['LDAP_USER_GROUP']
+if 'LDAP_TYPE' in app.config.keys():
+ LDAP_URI = app.config['LDAP_URI']
+ LDAP_USERNAME = app.config['LDAP_USERNAME']
+ LDAP_PASSWORD = app.config['LDAP_PASSWORD']
+ LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
+ LDAP_TYPE = app.config['LDAP_TYPE']
+ LDAP_GROUP_SECURITY = app.config['LDAP_GROUP_SECURITY']
+ if LDAP_GROUP_SECURITY == True:
+ LDAP_ADMIN_GROUP = app.config['LDAP_ADMIN_GROUP']
+ LDAP_USER_GROUP = app.config['LDAP_USER_GROUP']
+else:
+ LDAP_TYPE = False
PDNS_STATS_URL = app.config['PDNS_STATS_URL']
PDNS_API_KEY = app.config['PDNS_API_KEY']
@@ -151,6 +159,10 @@ class User(db.Model):
return False
elif method == 'LDAP':
+ if not LDAP_TYPE:
+ logging.error('LDAP authentication is disabled')
+ return False
+
if LDAP_TYPE == 'ldap':
searchFilter = "cn=%s" % self.username
else:
diff --git a/app/templates/login.html b/app/templates/login.html
index 52ef018..627d517 100644
--- a/app/templates/login.html
+++ b/app/templates/login.html
@@ -75,7 +75,9 @@
diff --git a/app/views.py b/app/views.py
index 9969349..a4a8bb8 100644
--- a/app/views.py
+++ b/app/views.py
@@ -65,7 +65,8 @@ def login():
return redirect(url_for('dashboard'))
if request.method == 'GET':
- return render_template('login.html')
+ LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
+ return render_template('login.html', ldap_enabled=LDAP_ENABLED)
# process login
username = request.form['username']
diff --git a/config_template.py b/config_template.py
index e5a0484..9340ba4 100644
--- a/config_template.py
+++ b/config_template.py
@@ -4,6 +4,7 @@ basedir = os.path.abspath(os.path.dirname(__file__))
# BASIC APP CONFIG
WTF_CSRF_ENABLED = True
SECRET_KEY = 'We are the world'
+BIND_ADDRESS = '127.0.0.1'
PORT = 9393
# TIMEOUT - for large zones
@@ -22,14 +23,15 @@ SQLALCHEMY_MIGRATE_REPO = os.path.join(basedir, 'db_repository')
SQLALCHEMY_TRACK_MODIFICATIONS = True
# LDAP CONFIG
+LDAP_TYPE = 'ldap' # use 'ad' for MS Active Directory
LDAP_URI = 'ldaps://your-ldap-server:636'
LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me'
LDAP_PASSWORD = 'dnsuser'
LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me'
-LDAP_TYPE = 'ldap' // or 'ad'
LDAP_GROUP_SECURITY = False // or True
LDAP_ADMIN_GROUP = 'CN=PowerDNS-Admin Admin,OU=Custom,DC=ivan,DC=local'
LDAP_USER_GROUP = 'CN=PowerDNS-Admin User,OU=Custom,DC=ivan,DC=local'
+=======
# POWERDNS CONFIG
PDNS_STATS_URL = 'http://172.16.214.131:8081/'
diff --git a/run.py b/run.py
index de49011..3803d88 100755
--- a/run.py
+++ b/run.py
@@ -2,5 +2,10 @@
from app import app
from config import PORT
+try:
+ from config import BIND_ADDRESS
+except:
+ BIND_ADDRESS = '127.0.0.1'
+
if __name__ == '__main__':
- app.run(debug = True, port=PORT)
+ app.run(debug = True, host=BIND_ADDRESS, port=PORT)