wrote templates, started nameko, cleaned up a bit

This commit is contained in:
downhill 2018-10-10 18:07:22 +02:00
parent a92054bc0a
commit 06249d530d
19 changed files with 338 additions and 13 deletions

View file

@ -0,0 +1,14 @@
<title> Userdata changed. </title>
<h2> The data for {{user}} has been changed. </h2>
<br><br>
<ul>
<li> Username: {{user}} </li>
<li> Firstname: {{firstname}} </li>
<li> Lastname: {{lastname}} </li>
<li> Email: {{email}} </li>
</ul>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>

View file

@ -0,0 +1,20 @@
<title> Changing the password for {{user}} </title>
<h2> Changing the password for {{user}} </h2>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>
<br><br>
To change the password for {{user}}, please supply
<form action={% url 'change_password' %} type="post">
{% csrf_token %}
<br>The old password:<br>
<input type="password" name="oldpassword" id="oldpassword">
<br><br>The new password:<br>
<input type="password" name="password1" id="password1">
<br>Please repeat the new Password:<br>
<input type="password" name="password2" id="password2">
<br><br>
<input type="submit" value="Submit">
</form>

View file

@ -0,0 +1,19 @@
<title> Changing user data for {{user}} </title>
<h2> Changing user data for {{user}} </h2>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>
<br><br>
<form action={% url 'change_data' %} type="post">
{% csrf_token %}
<br>Firstname:<br>
<input type="text" name="firstname" id="firstname" value="{{firstname}}">
<br><br>Lastname:<br>
<input type="text" name="lastname" id="lastname" value="{{lastname}}">
<br><br>Email:<br>
<input type="text" name="email" id="email" value="{{email}}">
<br><br>
<input type="submit" value="Submit">
</form>

View file

@ -0,0 +1,17 @@
<title> Deleting an Account </title>
<h2> Deleting an Account </h2>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>
<br><br>
To delete an account, please type the username and password below:
<form action={% url 'account_delete' %} type="post">
<br><br>Username:<br>
<input type="text" name="username" id="username">
<br><br>Password:<br>
<input type="password" name="password" id="password">
<br><br>
<input type="submit" value="Submit">
</form>

View file

@ -0,0 +1,7 @@
<title> Deleted user {{user}} </title>
<h2> The user {{user}} was deleted from our system. </h2>
<br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>

View file

@ -0,0 +1,15 @@
<title> An error has occurred! </title>
<h2> We are sorry, an error has occured while handling your request. </h2>
While trying to {{service}}, an error was encountered: {{error}}
<br><br>
You can try to:
<br>
<form action={% url urlname %} type="get">
<input type="submit" value="Go back and try again">
</form>
<br>or<br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Go to the indexpage">
</form>

View file

@ -0,0 +1,21 @@
<title> Welcome to the ungleich user service </title>
<h2> Welcome to the ungleich user service </h2>
<br><br>
If you want to use the user service, you will need an account on our system. If you already have one, please login below:
<form action={% url 'index' %} type="post">
<br><br>Username:<br>
<input type="text" name="username" id="username">
<br><br>Password:<br>
<input type="password" name="password" id="password">
<br>
<input type="submit" value="Submit">
</form>
<br><br>If you have an account, but forgot your password, please visit our password reset page:
<form action={% url 'reset_password' %} type="get">
<input type="submit" value="Password reset">
</form>
<br><br>If you don't have an account, please register yourself with us:
<form action={% url 'register' %} type="get">
<input type="submit" value="Register an user">
</form>

View file

@ -0,0 +1,11 @@
<title> Login failed! </title>
<h2> Sorry, but your login has failed </h2>
<br><br>This service runs for our LDAP users, so maybe you don't already have an LDAP account with us? If so, please register one.
<form action={% url 'register' %} type="get">
<input type="submit" value="Register an user">
</form>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>

View file

@ -0,0 +1,7 @@
<title> You must be logged in to access this page </title>
<h2> You must be logged in to access this page </h2>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>

View file

@ -0,0 +1,27 @@
<title> Register an user at ungleich </title>
<h2> Register an user at ungleich </h2>
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>
<br><br>
To register yourself an user, please fill out the fields below:
<br>
<form action={% url 'register' %} type="post">
{% csrf_token %}
<br>Username (alphanumeric):<br>
<input type="text" name="username" id="username">
<br>Password:<br>
<input type="password" name="password1" id="password1">
<br>Please confirm your Password:<br>
<input type="password" name="password2" id="password2">
<br>Firstname:<br>
<input type="text" name="firstname" id="firstname">
<br>Lastname:<br>
<input type="text" name="lastname" id="lastname">
<br>Emailaddress:<br>
<input type="text" name="email" id="email">
<br>
<input type="submit" value="Submit">
</form>

View file

@ -0,0 +1,14 @@
<title> Password reset </title>
<h2> Password reset </h2>
<br><br>
To reset your password, please enter your username below. You will get an email asking you to confirm this and after confirmation an email with your
temporary password. Please remember to change it immediately after logging in.
<br>
<form action={% url 'reset_password' %} type="post">
{% csrf_token %}
Username:<br>
<input type="text" name="user" id="user">
<br>
<input type="submit" value="Submit">
</form>

View file

@ -0,0 +1,9 @@
<title> Reset request processed and confirmation email sent </title>
<h2> Reset request processed and confirmation email sent </h2>
<br><br>
You will shortly get the confirmation email at {{email}} to confirm that you wish to reset the password for {{user}}.
<br><br>
<form action={% url 'index' %} type="get">
<input type="submit" value="Back to indexpage">
</form>

View file

@ -0,0 +1,21 @@
<title> Options for {{user}} </title>
<h2> Welcome, {{user}} </h2>
<br><br>
You have the following options:
<br>
<form action={% url 'change_data' %} type="get">
<input type="submit" value="Change your userdata">
</form>
<br>
<form action={% url 'change_password' %} type="get">
<input type="submit" value="Change your password">
</form>
<br>
<form action={% url 'reset_password' %} type="get">
<input type="submit" value="Reset your password">
</form>
<br>
<form action={% url 'account_delete' %} type="get">
<input type="submit" value="Delete your account">
</form>

View file

@ -9,6 +9,9 @@ from django.urls import reverse_lazy
# Check to see if the username is already taken # Check to see if the username is already taken
# Helper function, not to be set up as a view # Helper function, not to be set up as a view
# First checks the DB, since ldap parks users there
# After that, check LDAP directly if the user just never
# logged in
def check_user_exists(username): def check_user_exists(username):
if User.objects.filter(username=username).exists(): if User.objects.filter(username=username).exists():
return True return True
@ -25,8 +28,8 @@ class Index(View):
# Basic binary choice, if it is an authenticated user, go straight to the options page, # Basic binary choice, if it is an authenticated user, go straight to the options page,
# if not, then show the landing page # if not, then show the landing page
def get(self, request): def get(self, request):
if request.user: if request.user.is_authenticated:
return render(request, 'useroptions.html') return render(request, 'useroptions.html', { 'user': request.user } )
return render(request, 'landing.html') return render(request, 'landing.html')
# Basically does the same as the GET request, just with trying to login the user beforehand # Basically does the same as the GET request, just with trying to login the user beforehand
@ -38,7 +41,7 @@ class Index(View):
user = authenticate(request, username=username, password=password) user = authenticate(request, username=username, password=password)
if user is not None: if user is not None:
login(request, user) login(request, user)
return render(request, 'useroptions.html') return render(request, 'useroptions.html', { 'user': user } )
return render(request, 'loginfailed.html') return render(request, 'loginfailed.html')
@ -53,12 +56,12 @@ class Register(View):
# Someone filled out the register page, do some basic checks and throw it at nameko # Someone filled out the register page, do some basic checks and throw it at nameko
def post(self, request): def post(self, request):
# message for the error template # message for the error template
service = 'Registering an user' service = 'register an user'
# urlname for 'go back' on the errorpage # urlname for 'go back' on the errorpage
urlname = 'register' urlname = 'register'
username = request.POST.get('username') username = request.POST.get('username')
# Check to see if username is already taken # Check to see if username is already taken
if self.check_user_exists(username): if check_user_exists(username):
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } ) return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
# isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we # isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we
# can use # can use
@ -83,6 +86,9 @@ class Register(View):
return render(request, 'usercreated.html', { 'user': username } ) return render(request, 'usercreated.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )
def create_user(self, username, password, firstname, lastname, email):
#TODO: write nameko function to create a user
return True
@ -95,6 +101,7 @@ class ChangeData(View):
if not request.user.is_authenticated: if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html') return render(request, 'mustbeloggedin.html')
user = request.user user = request.user
login(request, user)
# get basic data (firstname, lastname, email) # get basic data (firstname, lastname, email)
(firstname, lastname, email) = self.get_data(user) (firstname, lastname, email) = self.get_data(user)
# The template puts the old data as standard in the fields # The template puts the old data as standard in the fields
@ -103,7 +110,7 @@ class ChangeData(View):
# get the change request # get the change request
def post(self, request): def post(self, request):
# variables for the error page # variables for the error page
service = 'changing user data' service = 'change user data'
urlname = 'change_data' urlname = 'change_data'
if not request.user.is_authenticated: if not request.user.is_authenticated:
@ -150,17 +157,19 @@ class ResetPassword(View):
# gets the data from confirming the reset request and checks if it was not a misclick # gets the data from confirming the reset request and checks if it was not a misclick
# (by having the user type in his username # (by having the user type in his username
def post(self, request): def post(self, request):
urlname = 'reset_password'
service = 'send a password reset request'
user = request.POST.get('user') user = request.POST.get('user')
if check_user_exists(user): if check_user_exists(user):
# TODO: Get a good backend for reset requests # TODO: Get a good backend for reset requests
# Sending the reset request # Sending the reset request
self.send_resetrequest(user) email = self.send_resetrequest(user)
return render(request, 'send_resetrequest.html', { 'user': user } ) return render(request, 'send_resetrequest.html', { 'user': user, 'email': email } )
return render(request, 'must_confirm_reset.html') return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The user does not exist.' } )
def send_resetrequest(self, user): def send_resetrequest(self, user):
#TODO: call nameko to get the associated email and send a confirmation mail #TODO: call nameko to get the associated email and send a confirmation mail
return True return "test@example.com"
# The logged in user can change the password here # The logged in user can change the password here
@ -181,7 +190,8 @@ class ChangePassword(View):
if not request.user.is_authenticated: if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html') return render(request, 'mustbeloggedin.html')
login(request, request.user)
user = request.user user = request.user
oldpassword = request.POST.get('oldpassword') oldpassword = request.POST.get('oldpassword')
check = authenticate(request, username=user, password=oldpassword) check = authenticate(request, username=user, password=oldpassword)
@ -221,12 +231,12 @@ class DeleteAccount(View):
service = 'delete an account' service = 'delete an account'
# Does the user exist? # Does the user exist?
username = request.POST.username username = request.POST.get('username')
if not check_user_exists(username): if not check_user_exists(username):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
# Do user and password match? # Do user and password match?
password = request.POST.username password = request.POST.get('password')
check = authenticate(request, username=username, password=password) check = authenticate(request, username=username, password=password)
if check is None: if check is None:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )

96
nameko-func.py Normal file
View file

@ -0,0 +1,96 @@
from nameko.events import EventDispatcher, event_handler
from nameko.rpc import rpc
from configparser import ConfigParser
import ldap3
config = ConfigParser()
config.read('nameko.conf')
try:
mult_server = int(config['LDAP']['SERVERMULTIPLE'])
except:
exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
if mult_server < 1:
exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
class UserLookUp(object):
name = "userlookup"
dispatch = EventDispatcher()
@rpc
def lookup(self, user):
LDAP_UID = 'uid=%s' % user
LDAP_USER_SEARCH = LDAP_UID + config['LDAP']['LDAPDATA']
class CreateUser(object):
name = "createuser"
dispatch = EventDispatcher()
@rpc
def create_user(self, user, password, firstname, lastname, email):
return "To be done"
class GetUserData(object):
name = "getuserdata"
dispatch = EventDispatcher()
@rpc
def get_data(self, user):
return "To be done"
class ChangeUserData(object):
name = "changeuserdata"
dispatch = EventDispatcher()
@rpc
def change_data(self, user, firstname, lastname, email):
return "To be done"
class PasswordResetRequest(object):
name = "passwordresetrequest"
dispatch = EventDispatcher()
@rpc
def send_request(self, user):
return "To be done"
class ChangePassword(object):
name = "changepassword"
dispatch = EventDispatcher()
@rpc
def change_password(self, user, oldpassword, newpassword):
return "To be done"
class DeleteUser(object):
name = "deleteuser"
dispatch = EventDispatcher()
@rpc
def delete_user(self, user):
return "To be done"
class Log(object):
name = "log"
ldaplog = config['System']['LOGDIR'] + '/ldap.log'
# Gets all the dispatches with 'ldap' and writes them into the ldap.log
@event_handler('userlookup', 'ldap')
@event_handler('createuser', 'ldap')
@event_handler('getuserdata', 'ldap')
@event_handler('changeuserdata', 'ldap')
@event_handler('passwordresetrequest', 'ldap')
@event_handler('changepassword', 'ldap')
@event_handler('deleteuser', 'ldap')
def event_handler_ldap(self, payload):
f = open(self.ldaplog, mode='a', encoding='utf-8')
f.write(payload)
f.close

13
nameko.conf Normal file
View file

@ -0,0 +1,13 @@
[System]
RABBITMQ = guest:guest@localhost
LOGDIR = /home/downhill/ungleich/dal/
[LDAP]
SERVERMULTIPLE = 1
LDAPSERVER1 = localhost
LDAPDATA = ,ou=customers,dc=foo,dc=bar

4
requirements.txt Normal file
View file

@ -0,0 +1,4 @@
django>=2.1.2
django-auth-ldap>=1.7.0
nameko>=2.11.0
ldap3>=2.5.1