diff --git a/dal/dal/templates/changedataerror.html b/dal/dal/templates/changedataerror.html
deleted file mode 100644
index e69de29..0000000
diff --git a/dal/dal/templates/changeddata.html b/dal/dal/templates/changeddata.html
index e69de29..864b1b1 100644
--- a/dal/dal/templates/changeddata.html
+++ b/dal/dal/templates/changeddata.html
@@ -0,0 +1,14 @@
+
Userdata changed.
+
+ The data for {{user}} has been changed.
+
+
+ - Username: {{user}}
+ - Firstname: {{firstname}}
+ - Lastname: {{lastname}}
+ - Email: {{email}}
+
+
+
diff --git a/dal/dal/templates/changepassword.html b/dal/dal/templates/changepassword.html
index e69de29..b8afd14 100644
--- a/dal/dal/templates/changepassword.html
+++ b/dal/dal/templates/changepassword.html
@@ -0,0 +1,20 @@
+ Changing the password for {{user}}
+
+ Changing the password for {{user}}
+
+
+
+To change the password for {{user}}, please supply
+
diff --git a/dal/dal/templates/changeuserdata.html b/dal/dal/templates/changeuserdata.html
index e69de29..9293b66 100644
--- a/dal/dal/templates/changeuserdata.html
+++ b/dal/dal/templates/changeuserdata.html
@@ -0,0 +1,19 @@
+ Changing user data for {{user}}
+
+ Changing user data for {{user}}
+
+
+
+
diff --git a/dal/dal/templates/deleteaccount.html b/dal/dal/templates/deleteaccount.html
index e69de29..d7bec78 100644
--- a/dal/dal/templates/deleteaccount.html
+++ b/dal/dal/templates/deleteaccount.html
@@ -0,0 +1,17 @@
+ Deleting an Account
+
+ Deleting an Account
+
+
+
+To delete an account, please type the username and password below:
+
diff --git a/dal/dal/templates/deleteduser.html b/dal/dal/templates/deleteduser.html
index e69de29..4e3751d 100644
--- a/dal/dal/templates/deleteduser.html
+++ b/dal/dal/templates/deleteduser.html
@@ -0,0 +1,7 @@
+ Deleted user {{user}}
+
+ The user {{user}} was deleted from our system.
+
+
diff --git a/dal/dal/templates/error.html b/dal/dal/templates/error.html
index e69de29..b13c1c8 100644
--- a/dal/dal/templates/error.html
+++ b/dal/dal/templates/error.html
@@ -0,0 +1,15 @@
+ An error has occurred!
+
+ We are sorry, an error has occured while handling your request.
+
+While trying to {{service}}, an error was encountered: {{error}}
+
+You can try to:
+
+
+
or
+
diff --git a/dal/dal/templates/landing.html b/dal/dal/templates/landing.html
index e69de29..f6dfb0d 100644
--- a/dal/dal/templates/landing.html
+++ b/dal/dal/templates/landing.html
@@ -0,0 +1,21 @@
+ Welcome to the ungleich user service
+
+ Welcome to the ungleich user service
+
+If you want to use the user service, you will need an account on our system. If you already have one, please login below:
+
+
If you have an account, but forgot your password, please visit our password reset page:
+
+
If you don't have an account, please register yourself with us:
+
diff --git a/dal/dal/templates/loginfailed.html b/dal/dal/templates/loginfailed.html
index e69de29..5bd0e4a 100644
--- a/dal/dal/templates/loginfailed.html
+++ b/dal/dal/templates/loginfailed.html
@@ -0,0 +1,11 @@
+ Login failed!
+
+ Sorry, but your login has failed
+
This service runs for our LDAP users, so maybe you don't already have an LDAP account with us? If so, please register one.
+
+
+
diff --git a/dal/dal/templates/mustbeloggedin.html b/dal/dal/templates/mustbeloggedin.html
index e69de29..031fbf3 100644
--- a/dal/dal/templates/mustbeloggedin.html
+++ b/dal/dal/templates/mustbeloggedin.html
@@ -0,0 +1,7 @@
+ You must be logged in to access this page
+
+ You must be logged in to access this page
+
+
diff --git a/dal/dal/templates/registererror.html b/dal/dal/templates/registererror.html
deleted file mode 100644
index e69de29..0000000
diff --git a/dal/dal/templates/registeruser.html b/dal/dal/templates/registeruser.html
index e69de29..6412db1 100644
--- a/dal/dal/templates/registeruser.html
+++ b/dal/dal/templates/registeruser.html
@@ -0,0 +1,27 @@
+ Register an user at ungleich
+
+ Register an user at ungleich
+
+
+
+To register yourself an user, please fill out the fields below:
+
+
diff --git a/dal/dal/templates/resetpassword.html b/dal/dal/templates/resetpassword.html
index e69de29..4d4c080 100644
--- a/dal/dal/templates/resetpassword.html
+++ b/dal/dal/templates/resetpassword.html
@@ -0,0 +1,14 @@
+ Password reset
+
+ Password reset
+
+To reset your password, please enter your username below. You will get an email asking you to confirm this and after confirmation an email with your
+temporary password. Please remember to change it immediately after logging in.
+
+
diff --git a/dal/dal/templates/send_resetrequest.html b/dal/dal/templates/send_resetrequest.html
new file mode 100644
index 0000000..7da946d
--- /dev/null
+++ b/dal/dal/templates/send_resetrequest.html
@@ -0,0 +1,9 @@
+ Reset request processed and confirmation email sent
+
+ Reset request processed and confirmation email sent
+
+You will shortly get the confirmation email at {{email}} to confirm that you wish to reset the password for {{user}}.
+
+
diff --git a/dal/dal/templates/useroptions.html b/dal/dal/templates/useroptions.html
index e69de29..4ce5597 100644
--- a/dal/dal/templates/useroptions.html
+++ b/dal/dal/templates/useroptions.html
@@ -0,0 +1,21 @@
+ Options for {{user}}
+
+ Welcome, {{user}}
+
+You have the following options:
+
+
+
+
+
+
+
+
diff --git a/dal/dal/views.py b/dal/dal/views.py
index 99f1fce..45e74e4 100644
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@@ -9,6 +9,9 @@ from django.urls import reverse_lazy
# Check to see if the username is already taken
# Helper function, not to be set up as a view
+# First checks the DB, since ldap parks users there
+# After that, check LDAP directly if the user just never
+# logged in
def check_user_exists(username):
if User.objects.filter(username=username).exists():
return True
@@ -25,8 +28,8 @@ class Index(View):
# Basic binary choice, if it is an authenticated user, go straight to the options page,
# if not, then show the landing page
def get(self, request):
- if request.user:
- return render(request, 'useroptions.html')
+ if request.user.is_authenticated:
+ return render(request, 'useroptions.html', { 'user': request.user } )
return render(request, 'landing.html')
# Basically does the same as the GET request, just with trying to login the user beforehand
@@ -38,7 +41,7 @@ class Index(View):
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
- return render(request, 'useroptions.html')
+ return render(request, 'useroptions.html', { 'user': user } )
return render(request, 'loginfailed.html')
@@ -53,12 +56,12 @@ class Register(View):
# Someone filled out the register page, do some basic checks and throw it at nameko
def post(self, request):
# message for the error template
- service = 'Registering an user'
+ service = 'register an user'
# urlname for 'go back' on the errorpage
urlname = 'register'
username = request.POST.get('username')
# Check to see if username is already taken
- if self.check_user_exists(username):
+ if check_user_exists(username):
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
# isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we
# can use
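Review bot: The username-taken branch still renders `'registererror.html'`, but this same commit deletes dal/dal/templates/registererror.html, so that path will most likely raise TemplateDoesNotExist instead of showing an error. Point it at the shared template as the other error paths do: `return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )`. `username` comes from `request.POST.get` and can be None when the field is missing, so a guard before `check_user_exists(username)` would be worth adding. The body of `post` continues outside this hunk.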
@@ -83,6 +86,9 @@ class Register(View):
return render(request, 'usercreated.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )
+ def create_user(self, username, password, firstname, lastname, email):
+ #TODO: write nameko function to create a user
+ return True
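Review bot: The `create_user` stub returns True unconditionally, so the registration page reports an account as created although nothing is stored. This assumes `post` treats a truthy result as success, which the `usercreated.html` context line suggests. Until the nameko call exists, fail closed with `return False`, so the existing 'Unknown error while creating the user.' path applies. Add a docstring stating that the method is a placeholder and what it must return. The plaintext password is passed into this helper, so when the RPC is wired up, check that it never ends up in an event payload that the logging service writes to disk.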
@@ -95,6 +101,7 @@ class ChangeData(View):
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
user = request.user
+ login(request, user)
# get basic data (firstname, lastname, email)
(firstname, lastname, email) = self.get_data(user)
# The template puts the old data as standard in the fields
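Review bot: The added `login(request, user)` runs on a user that the preceding `is_authenticated` check has already established, so it adds nothing. It does cycle the session key and rotate the CSRF token on every GET of this page. If more than one authentication backend is configured (settings are not visible here), Django's `login()` may also raise ValueError, because a user loaded from the session carries no `backend` attribute. I would drop the line; the same applies to `login(request, request.user)` added in the ChangePassword hunk further down. The body of `get` continues outside this hunk.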
@@ -103,7 +110,7 @@ class ChangeData(View):
# get the change request
def post(self, request):
# variables for the error page
- service = 'changing user data'
+ service = 'change user data'
urlname = 'change_data'
if not request.user.is_authenticated:
@@ -150,17 +157,19 @@ class ResetPassword(View):
# gets the data from confirming the reset request and checks if it was not a misclick
# (by having the user type in his username
def post(self, request):
+ urlname = 'reset_password'
+ service = 'send a password reset request'
user = request.POST.get('user')
if check_user_exists(user):
# TODO: Get a good backend for reset requests
# Sending the reset request
- self.send_resetrequest(user)
- return render(request, 'send_resetrequest.html', { 'user': user } )
- return render(request, 'must_confirm_reset.html')
+ email = self.send_resetrequest(user)
+ return render(request, 'send_resetrequest.html', { 'user': user, 'email': email } )
+ return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The user does not exist.' } )
def send_resetrequest(self, user):
#TODO: call nameko to get the associated email and send a confirmation mail
- return True
+ return "test@example.com"
# The logged in user can change the password here
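Review bot: This unauthenticated `post` now answers differently for known and unknown usernames ('The user does not exist.' versus the confirmation page), and the confirmation page shows the account's email address to whoever submitted the username. Together these allow account enumeration and disclose a user's address to a third party. Render the same neutral page in both cases and keep the address out of the context: `if check_user_exists(user): self.send_resetrequest(user)` followed by an unconditional `return render(request, 'send_resetrequest.html', { 'user': user } )`, with the template wording changed to "if the account exists, a confirmation email has been sent". The DeleteAccount hunk below has the same split between 'Unknown user.' and 'Wrong password for user.'; a single "Wrong username or password." message would avoid it. `send_resetrequest` returning the literal `"test@example.com"` should carry a docstring marking it as a placeholder.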
@@ -181,7 +190,8 @@ class ChangePassword(View):
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
-
+ login(request, request.user)
+
user = request.user
oldpassword = request.POST.get('oldpassword')
check = authenticate(request, username=user, password=oldpassword)
@@ -221,12 +231,12 @@ class DeleteAccount(View):
service = 'delete an account'
# Does the user exist?
- username = request.POST.username
+ username = request.POST.get('username')
if not check_user_exists(username):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
# Do user and password match?
- password = request.POST.username
+ password = request.POST.get('password')
check = authenticate(request, username=username, password=password)
if check is None:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )
diff --git a/nameko-func.py b/nameko-func.py
new file mode 100644
index 0000000..6a4925b
--- /dev/null
+++ b/nameko-func.py
@@ -0,0 +1,96 @@
+from nameko.events import EventDispatcher, event_handler
+from nameko.rpc import rpc
+from configparser import ConfigParser
+import ldap3
+
+config = ConfigParser()
+config.read('nameko.conf')
+
+try:
+ mult_server = int(config['LDAP']['SERVERMULTIPLE'])
+except:
+ exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
+if mult_server < 1:
+ exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
+
+class UserLookUp(object):
+ name = "userlookup"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def lookup(self, user):
+ LDAP_UID = 'uid=%s' % user
+ LDAP_USER_SEARCH = LDAP_UID + config['LDAP']['LDAPDATA']
+
+
+class CreateUser(object):
+ name = "createuser"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def create_user(self, user, password, firstname, lastname, email):
+ return "To be done"
+
+
+class GetUserData(object):
+ name = "getuserdata"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def get_data(self, user):
+ return "To be done"
+
+class ChangeUserData(object):
+ name = "changeuserdata"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def change_data(self, user, firstname, lastname, email):
+ return "To be done"
+
+
+class PasswordResetRequest(object):
+ name = "passwordresetrequest"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def send_request(self, user):
+ return "To be done"
+
+
+class ChangePassword(object):
+ name = "changepassword"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def change_password(self, user, oldpassword, newpassword):
+ return "To be done"
+
+
+class DeleteUser(object):
+ name = "deleteuser"
+ dispatch = EventDispatcher()
+
+ @rpc
+ def delete_user(self, user):
+ return "To be done"
+
+
+class Log(object):
+ name = "log"
+ ldaplog = config['System']['LOGDIR'] + '/ldap.log'
+
+
+ # Gets all the dispatches with 'ldap' and writes them into the ldap.log
+ @event_handler('userlookup', 'ldap')
+ @event_handler('createuser', 'ldap')
+ @event_handler('getuserdata', 'ldap')
+ @event_handler('changeuserdata', 'ldap')
+ @event_handler('passwordresetrequest', 'ldap')
+ @event_handler('changepassword', 'ldap')
+ @event_handler('deleteuser', 'ldap')
+ def event_handler_ldap(self, payload):
+ f = open(self.ldaplog, mode='a', encoding='utf-8')
+ f.write(payload)
+ f.close
+
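Review bot: `lookup` builds the DN with `'uid=%s' % user`, so a caller-supplied name containing `,`, `+` or `=` alters the DN structure once this string is used for a bind or search. Escape the value first, e.g. `LDAP_UID = 'uid=%s' % escape_rdn(user)` with `from ldap3.utils.dn import escape_rdn`. The method also returns nothing yet, so RPC callers receive None. In `event_handler_ldap`, `f.close` lacks the call parentheses and the file is never explicitly closed; `with open(self.ldaplog, mode='a', encoding='utf-8') as f: f.write(payload)` fixes that. The bare `except:` around the SERVERMULTIPLE parse would be clearer as `except (KeyError, ValueError):`.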
diff --git a/nameko.conf b/nameko.conf
new file mode 100644
index 0000000..f35b263
--- /dev/null
+++ b/nameko.conf
@@ -0,0 +1,13 @@
+[System]
+
+RABBITMQ = guest:guest@localhost
+
+LOGDIR = /home/downhill/ungleich/dal/
+
+[LDAP]
+
+SERVERMULTIPLE = 1
+
+LDAPSERVER1 = localhost
+
+LDAPDATA = ,ou=customers,dc=foo,dc=bar
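Review bot: `RABBITMQ = guest:guest@localhost` puts broker credentials in version control, and `LOGDIR = /home/downhill/ungleich/dal/` is a path from one developer's machine. Commit this file as a template (for example `nameko.conf.example`) with placeholder values, and keep the deployed `nameko.conf` out of the repository and readable only by the service account. nameko-func.py reads `nameko.conf` relative to the working directory, so a missing file surfaces as the SERVERMULTIPLE exit message rather than a clear "config not found" error.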
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..be5535b
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,4 @@
+django>=2.1.2
+django-auth-ldap>=1.7.0
+nameko>=2.11.0
+ldap3>=2.5.1
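Review bot: All four entries use open-ended `>=` specifiers, so every fresh install can resolve to different, untested releases, including a future Django major version. Pin the versions that were actually tested (e.g. `django==<tested version>`) or add an upper bound. For deployments, consider a hash-locked install with `pip install --require-hashes`.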