INQ-31 ldap login, not bound to database
This commit is contained in:
parent
16c97e7689
commit
a47f67045a
15
App.py
15
App.py
|
@ -4,7 +4,10 @@ import os
|
|||
import sqlite3
|
||||
|
||||
DATABASE = 'inquire.db'
|
||||
|
||||
servers = ["ldap://dc1.labs.wmi.amu.edu.pl", "ldap://dc2.labs.wmi.amu.edu.pl"]
|
||||
suffix = "@labs.wmi.amu.edu.pl";
|
||||
port = 636;
|
||||
root = "DC=labs,DC=wmi,DC=amu,DC=edu,DC=pl";
|
||||
|
||||
|
||||
app = Flask(__name__)
|
||||
|
@ -51,14 +54,18 @@ def lecturer():
|
|||
|
||||
@app.route('/login', methods=['POST'])
|
||||
def do_login():
|
||||
if request.form['password'] == 'lecturer' and request.form['name'] == 'lecturer':
|
||||
login=request.form['name']
|
||||
password=request.form['password']
|
||||
ldapquery = py_ldap.LdapQuery(servers, port, root)
|
||||
auth=ldapquery.authenticate(login+suffix, password)
|
||||
if auth==True and login == 's396355':
|
||||
session['logged_in'] = True
|
||||
session['user_type'] = 'lecturer'
|
||||
elif request.form['password'] == 'student' and request.form['name'] == 'student':
|
||||
elif auth==True and login == 's441471':
|
||||
session['logged_in'] = True
|
||||
session['user_type'] = 'student'
|
||||
else:
|
||||
flash('Niepoprawne hasło/nazwa użytkownika!'.decode('utf-8'))
|
||||
flash('Niepoprawne hasło/nazwa użytkownika!')
|
||||
return redirect('/')
|
||||
|
||||
@app.route('/logout', methods=['GET', 'POST'])
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
import ldap
|
||||
|
||||
class LdapQuery():
|
||||
def __init__(self, servers, port, root):
|
||||
self.servers = servers
|
||||
self.root = "OU=Students,OU=People," + root
|
||||
|
||||
ldap.PORT = port
|
||||
|
||||
# cert path
|
||||
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, "./ca_labs.wmi.amu.edu.pl.pem")
|
||||
|
||||
for i in range(len(self.servers)):
|
||||
try:
|
||||
self.ldap_handler = ldap.initialize(self.servers[i])
|
||||
break
|
||||
except:
|
||||
print ("Server down")
|
||||
|
||||
self.ldap_handler.set_option(ldap.OPT_X_TLS_DEMAND, True)
|
||||
self.ldap_handler.start_tls_s()
|
||||
|
||||
def search_user(self, login):
|
||||
return self.ldap_handler.search_s(
|
||||
self.root,
|
||||
ldap.SCOPE_SUBTREE,
|
||||
'cn=' + login,
|
||||
['givenname', 'sn', 'mail'])
|
||||
|
||||
def authenticate(self, login=None, passwd=None):
|
||||
try:
|
||||
test=self.ldap_handler.simple_bind_s(login, passwd)
|
||||
return True
|
||||
except ldap.INVALID_CREDENTIALS:
|
||||
print ("Invalid credentials")
|
||||
return False
|
Loading…
Reference in New Issue