begin phasing in vpn support [poc]

This commit is contained in:
Nico Schottelius 2020-12-09 20:22:33 +01:00
parent 0fd5ac18cd
commit 7f32d05cd4
10 changed files with 137 additions and 4 deletions

View file

@ -186,6 +186,9 @@ CHROME_PATH = '/usr/bin/chromium-browser'
# Username that is created by default and owns the configuration objects
UNCLOUD_ADMIN_NAME = "uncloud-admin"
LOGIN_REDIRECT_URL = '/'
LOGOUT_REDIRECT_URL = '/'
# Overwrite settings with local settings, if existing
try:
from uncloud.local_settings import *

View file

@ -77,5 +77,9 @@ urlpatterns = [
description="uncloud API",
version="1.0.0"
), name='openapi-schema'),
path('vpn/create/', netviews.VPNCreateView.as_view(), name="vpncreate"),
path('login/', authviews.LoginView.as_view(), name="login"),
path('logout/', authviews.LogoutView.as_view(), name="logout"),
path('admin/', admin.site.urls),
]

View file

@ -3,7 +3,7 @@ from django.db import transaction
from ldap3.core.exceptions import LDAPEntryAlreadyExistsResult
from rest_framework import serializers
from uncloud_pay import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
from uncloud import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
from uncloud_pay.models import BillingAddress
from .ungleich_ldap import LdapManager

View file

@ -0,0 +1,13 @@
{% extends 'uncloud/base.html' %}
{% block body %}
<div class="container">
<form method="post">
{% csrf_token %}
{{ form }}
<input type="submit" value="Login">
</form>
</div>
{% endblock %}

42
uncloud_auth/uldap.py Normal file
View file

@ -0,0 +1,42 @@
import ldap
# from django.conf import settings
AUTH_LDAP_SERVER_URI = "ldaps://ldap1.ungleich.ch,ldaps://ldap2.ungleich.ch"
AUTH_LDAP_BIND_DN="uid=django-create,ou=system,dc=ungleich,dc=ch"
AUTH_LDAP_BIND_PASSWORD="kS#e+v\zjKn]L!,RIu2}V+DUS"
# AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch",
# ldap.SCOPE_SUBTREE,
# "(uid=%(user)s)")
ldap_object = ldap.initialize(AUTH_LDAP_SERVER_URI)
cancelid = ldap_object.bind(AUTH_LDAP_BIND_DN, AUTH_LDAP_BIND_PASSWORD)
res = ldap_object.search_s("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=nico)")
print(res)
# class LDAP(object):
# """
# Managing users in LDAP
# Requires the following settings?
# LDAP_USER_DN: where to create users in the tree
# LDAP_ADMIN_DN: which DN to use for managing users
# LDAP_ADMIN_PASSWORD: which password to used
# This module will reuse information from djagno_auth_ldap, including:
# AUTH_LDAP_SERVER_URI
# """
# def __init__(self):
# pass
# def create_user(self):
# pass
# def change_password(self):
# pass

View file

@ -1,3 +1,6 @@
from django.contrib.auth import views as auth_views
from django.contrib.auth import logout
from django_auth_ldap.backend import LDAPBackend
from rest_framework import mixins, permissions, status, viewsets
from rest_framework.decorators import action
@ -6,6 +9,14 @@ from rest_framework.response import Response
from .serializers import *
class LoginView(auth_views.LoginView):
template_name = 'uncloud_auth/login.html'
class LogoutView(auth_views.LogoutView):
pass
# template_name = 'uncloud_auth/logo.html'
class UserViewSet(viewsets.GenericViewSet):
permission_classes = [permissions.IsAuthenticated]
serializer_class = UserSerializer

View file

@ -171,8 +171,6 @@ class VPNNetwork(models.Model):
wireguard_public_key = models.CharField(max_length=48)
# default_recurring_period = RecurringPeriod.PER_365D
@property
def recurring_price(self):
return 120
@ -185,6 +183,7 @@ class VPNNetwork(models.Model):
print("deleted {}".format(self))
class ReverseDNSEntry(models.Model):
"""
A reverse DNS entry

View file

@ -0,0 +1,35 @@
{% extends 'uncloud/base.html' %}
{% block body %}
<div class="container">
<div class="row">
<div class="col">
<h1>
<h1>Generate new prefix</h1>
<p>
A new random prefix will be generated for you.
</p>
<p>
All ULA prefixes are /48 networks. Simply add the first IP address
(without any netmask, for instance fd23:2323:2323::).
You can choose the name of your liking and an organization name.
</p>
<p>
ULA prefixes are always subnets of the fd00::/8 network.
</p>
</div>
<div class="col">
<form method="post">
{% csrf_token %}
{{ form }}
<input type="submit" value="Submit">
</form>
</div>
</div>
</div>
{% endblock %}

View file

@ -1,3 +1,6 @@
from django.views.generic.edit import CreateView
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin
from django.shortcuts import render
@ -31,3 +34,26 @@ class VPNNetworkViewSet(viewsets.ModelViewSet):
obj = VPNNetwork.objects.filter(owner=self.request.user)
return obj
class VPNCreateView(LoginRequiredMixin, SuccessMessageMixin, CreateView):
model = VPNNetwork
login_url = '/login/'
success_url = '/'
success_message = "%(the_prefix)s/48 was created successfully"
gen_method = "undef"
fields = [ "wireguard_public_key" ]
def get_success_message(self, cleaned_data):
return self.success_message % dict(cleaned_data,
the_prefix = self.object.prefix)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['method'] = self.gen_method
return context

View file

@ -18,7 +18,7 @@ from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.conf import settings
import uncloud_pay.stripe
from uncloud_pay import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
from uncloud import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
from uncloud.models import UncloudAddress
# Used to generate bill due dates.