wrote templates, started nameko, cleaned up a bit

dal/dal/templates/changeddata.html

@@ -0,0 +1,14 @@
+<title> Userdata changed. </title>
+
+<h2> The data for {{user}} has been changed. </h2>
+<br><br>
+<ul>
+	<li> Username: {{user}} </li>
+	<li> Firstname: {{firstname}} </li>
+	<li> Lastname: {{lastname}} </li>
+	<li> Email: {{email}} </li>
+</ul>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>

dal/dal/templates/changepassword.html

@@ -0,0 +1,20 @@
+<title> Changing the password for {{user}} </title>
+
+<h2> Changing the password for {{user}} </h2>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>
+<br><br>
+To change the password for {{user}}, please supply 
+<form action={% url 'change_password' %} type="post">
+	{% csrf_token %}
+	<br>The old password:<br>  
+	<input type="password" name="oldpassword" id="oldpassword">
+	<br><br>The new password:<br>
+	<input type="password" name="password1" id="password1">
+	<br>Please repeat the new Password:<br>
+	<input type="password" name="password2" id="password2">
+	<br><br>
+	<input type="submit" value="Submit">
+</form>

dal/dal/templates/changeuserdata.html

@@ -0,0 +1,19 @@
+<title> Changing user data for {{user}} </title>
+
+<h2> Changing user data for {{user}} </h2>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>
+<br><br>
+<form action={% url 'change_data' %} type="post">
+	{% csrf_token %}
+	<br>Firstname:<br>
+	<input type="text" name="firstname" id="firstname" value="{{firstname}}">
+	<br><br>Lastname:<br>
+	<input type="text" name="lastname" id="lastname" value="{{lastname}}">
+	<br><br>Email:<br>
+	<input type="text" name="email" id="email" value="{{email}}">
+	<br><br>
+	<input type="submit" value="Submit">
+</form>

dal/dal/templates/deleteaccount.html

@@ -0,0 +1,17 @@
+<title> Deleting an Account </title>
+
+<h2> Deleting an Account </h2>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>
+<br><br>
+To delete an account, please type the username and password below:
+<form action={% url 'account_delete' %} type="post">
+	<br><br>Username:<br>
+	<input type="text" name="username" id="username">
+	<br><br>Password:<br>
+	<input type="password" name="password" id="password">
+	<br><br>
+	<input type="submit" value="Submit">
+</form>

dal/dal/templates/deleteduser.html

@@ -0,0 +1,7 @@
+<title> Deleted user {{user}} </title>
+
+<h2> The user {{user}} was deleted from our system. </h2>
+<br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>

dal/dal/templates/error.html

@@ -0,0 +1,15 @@
+<title> An error has occurred! </title>
+
+<h2> We are sorry, an error has occured while handling your request. </h2>
+
+While trying to {{service}}, an error was encountered: {{error}}
+<br><br>
+You can try to:
+<br>
+<form action={% url urlname %} type="get">
+	<input type="submit" value="Go back and try again">
+</form>
+<br>or<br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Go to the indexpage">
+</form>

dal/dal/templates/landing.html

@@ -0,0 +1,21 @@
+<title> Welcome to the ungleich user service </title>
+
+<h2> Welcome to the ungleich user service </h2>
+<br><br>
+If you want to use the user service, you will need an account on our system. If you already have one, please login below:
+<form action={% url 'index' %} type="post">
+	<br><br>Username:<br>
+	<input type="text" name="username" id="username">
+	<br><br>Password:<br>
+	<input type="password" name="password" id="password">
+	<br>
+	<input type="submit" value="Submit">
+</form>
+<br><br>If you have an account, but forgot your password, please visit our password reset page:
+<form action={% url 'reset_password' %} type="get">
+	<input type="submit" value="Password reset">
+</form>
+<br><br>If you don't have an account, please register yourself with us:
+<form action={% url 'register' %} type="get">
+	<input type="submit" value="Register an user">
+</form>

dal/dal/templates/loginfailed.html

@@ -0,0 +1,11 @@
+<title> Login failed! </title>
+
+<h2> Sorry, but your login has failed </h2>
+<br><br>This service runs for our LDAP users, so maybe you don't already have an LDAP account with us? If so, please register one.
+<form action={% url 'register' %} type="get">
+	<input type="submit" value="Register an user">
+</form>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>

dal/dal/templates/mustbeloggedin.html

@@ -0,0 +1,7 @@
+<title> You must be logged in to access this page </title>
+
+<h2> You must be logged in to access this page </h2>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>

dal/dal/templates/registeruser.html

@@ -0,0 +1,27 @@
+<title> Register an user at ungleich </title>
+
+<h2> Register an user at ungleich </h2>
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>
+<br><br>
+To register yourself an user, please fill out the fields below:
+<br>
+<form action={% url 'register' %} type="post">
+	{% csrf_token %}
+	<br>Username (alphanumeric):<br>
+	<input type="text" name="username" id="username">
+	<br>Password:<br>
+	<input type="password" name="password1" id="password1">
+	<br>Please confirm your Password:<br>
+	<input type="password" name="password2" id="password2">
+	<br>Firstname:<br>
+	<input type="text" name="firstname" id="firstname">
+	<br>Lastname:<br>
+	<input type="text" name="lastname" id="lastname">
+	<br>Emailaddress:<br>
+	<input type="text" name="email" id="email">
+	<br>
+	<input type="submit" value="Submit">
+</form>

dal/dal/templates/resetpassword.html

@@ -0,0 +1,14 @@
+<title> Password reset </title>
+
+<h2> Password reset </h2>
+<br><br>
+To reset your password, please enter your username below. You will get an email asking you to confirm this and after confirmation an email with your
+temporary password. Please remember to change it immediately after logging in.
+<br>
+<form action={% url 'reset_password' %} type="post">
+	{% csrf_token %}
+	Username:<br>
+	<input type="text" name="user" id="user">
+	<br>
+	<input type="submit" value="Submit">
+</form>

dal/dal/templates/send_resetrequest.html

@@ -0,0 +1,9 @@
+<title> Reset request processed and confirmation email sent </title>
+
+<h2> Reset request processed and confirmation email sent </h2>
+<br><br>
+You will shortly get the confirmation email at {{email}} to confirm that you wish to reset the password for {{user}}.
+<br><br>
+<form action={% url 'index' %} type="get">
+	<input type="submit" value="Back to indexpage">
+</form>

dal/dal/templates/useroptions.html

@@ -0,0 +1,21 @@
+<title> Options for {{user}} </title>
+
+<h2> Welcome, {{user}} </h2>
+<br><br>
+You have the following options:
+<br>
+<form action={% url 'change_data' %} type="get">
+	<input type="submit" value="Change your userdata">
+</form>
+<br>
+<form action={% url 'change_password' %} type="get">
+	<input type="submit" value="Change your password">
+</form>
+<br>
+<form action={% url 'reset_password' %} type="get">
+	<input type="submit" value="Reset your password">
+</form>
+<br>
+<form action={% url 'account_delete' %} type="get">
+	<input type="submit" value="Delete your account">
+</form>

dal/dal/views.py

@@ -9,6 +9,9 @@ from django.urls import reverse_lazy
 
 # Check to see if the username is already taken
 # Helper function, not to be set up as a view
+# First checks the DB, since ldap parks users there
+# After that, check LDAP directly if the user just never
+# logged in
 def check_user_exists(username):
     if User.objects.filter(username=username).exists():
         return True
@@ -25,8 +28,8 @@ class Index(View):
     # Basic binary choice, if it is an authenticated user, go straight to the options page,
     # if not, then show the landing page
     def get(self, request):
-        if request.user:
-            return render(request, 'useroptions.html')
+        if request.user.is_authenticated:
+            return render(request, 'useroptions.html', { 'user': request.user } )
         return render(request, 'landing.html')
     
     # Basically does the same as the GET request, just with trying to login the user beforehand
@@ -38,7 +41,7 @@ class Index(View):
         user = authenticate(request, username=username, password=password)
         if user is not None:
             login(request, user)
-            return render(request, 'useroptions.html')
+            return render(request, 'useroptions.html', { 'user': user } )
         return render(request, 'loginfailed.html')
 
 
@@ -53,12 +56,12 @@ class Register(View):
     # Someone filled out the register page, do some basic checks and throw it at nameko
     def post(self, request):
         # message for the error template
-        service = 'Registering an user'
+        service = 'register an user'
         # urlname for 'go back' on the errorpage
         urlname = 'register'
         username = request.POST.get('username')
         # Check to see if username is already taken
-        if self.check_user_exists(username):
+        if check_user_exists(username):
             return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
         # isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we
         # can use
@@ -83,6 +86,9 @@ class Register(View):
             return render(request, 'usercreated.html', { 'user': username } )
         return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )
 
+    def create_user(self, username, password, firstname, lastname, email):
+        #TODO: write nameko function to create a user
+        return True
     
 
 
@@ -95,6 +101,7 @@ class ChangeData(View):
         if not request.user.is_authenticated:
             return render(request, 'mustbeloggedin.html')
         user = request.user
+        login(request, user)
         # get basic data (firstname, lastname, email)
         (firstname, lastname, email) = self.get_data(user)
         # The template puts the old data as standard in the fields
@@ -103,7 +110,7 @@ class ChangeData(View):
     # get the change request
     def post(self, request):
         # variables for the error page
-        service = 'changing user data'
+        service = 'change user data'
         urlname = 'change_data'
 
         if not request.user.is_authenticated:
@@ -150,17 +157,19 @@ class ResetPassword(View):
     # gets the data from confirming the reset request and checks if it was not a misclick
     # (by having the user type in his username
     def post(self, request):
+        urlname = 'reset_password'
+        service = 'send a password reset request'
         user = request.POST.get('user')
         if check_user_exists(user):
             # TODO: Get a good backend for reset requests
             # Sending the reset request
-            self.send_resetrequest(user)
-            return render(request, 'send_resetrequest.html', { 'user': user } )
-        return render(request, 'must_confirm_reset.html')
+            email = self.send_resetrequest(user)
+            return render(request, 'send_resetrequest.html', { 'user': user, 'email': email } )
+        return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The user does not exist.' } )
 
     def send_resetrequest(self, user):
         #TODO: call nameko to get the associated email and send a confirmation mail
-        return True
+        return "test@example.com"
 
 
 # The logged in user can change the password here
@@ -181,7 +190,8 @@ class ChangePassword(View):
 
         if not request.user.is_authenticated:
             return render(request, 'mustbeloggedin.html')
-        
+        login(request, request.user)
+
         user = request.user
         oldpassword = request.POST.get('oldpassword')
         check = authenticate(request, username=user, password=oldpassword)
@@ -221,12 +231,12 @@ class DeleteAccount(View):
         service = 'delete an account'
 
         # Does the user exist?
-        username = request.POST.username
+        username = request.POST.get('username')
         if not check_user_exists(username):
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
 
         # Do user and password match?
-        password = request.POST.username
+        password = request.POST.get('password')
         check = authenticate(request, username=username, password=password)
         if check is None:
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )

nameko-func.py

@@ -0,0 +1,96 @@
+from nameko.events import EventDispatcher, event_handler
+from nameko.rpc import rpc
+from configparser import ConfigParser
+import ldap3
+
+config = ConfigParser()
+config.read('nameko.conf')
+
+try:
+    mult_server = int(config['LDAP']['SERVERMULTIPLE'])
+except:
+    exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
+if mult_server < 1:
+    exit("[LDAP] SERVERMULTIPLE has to be an integer >= 1")
+
+class UserLookUp(object):
+    name = "userlookup"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def lookup(self, user):
+        LDAP_UID = 'uid=%s' % user
+        LDAP_USER_SEARCH = LDAP_UID + config['LDAP']['LDAPDATA']
+
+
+class CreateUser(object):
+    name = "createuser"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def create_user(self, user, password, firstname, lastname, email):
+        return "To be done"
+
+
+class GetUserData(object):
+    name = "getuserdata"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def get_data(self, user):
+        return "To be done"
+
+class ChangeUserData(object):
+    name = "changeuserdata"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def change_data(self, user, firstname, lastname, email):
+        return "To be done"
+
+
+class PasswordResetRequest(object):
+    name = "passwordresetrequest"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def send_request(self, user):
+        return "To be done"
+
+
+class ChangePassword(object):
+    name = "changepassword"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def change_password(self, user, oldpassword, newpassword):
+        return "To be done"
+
+
+class DeleteUser(object):
+    name = "deleteuser"
+    dispatch = EventDispatcher()
+
+    @rpc
+    def delete_user(self, user):
+        return "To be done"
+
+
+class Log(object):
+    name = "log"
+    ldaplog = config['System']['LOGDIR'] + '/ldap.log'
+
+
+    # Gets all the dispatches with 'ldap' and writes them into the ldap.log 
+    @event_handler('userlookup', 'ldap')
+    @event_handler('createuser', 'ldap')
+    @event_handler('getuserdata', 'ldap')
+    @event_handler('changeuserdata', 'ldap')
+    @event_handler('passwordresetrequest', 'ldap')
+    @event_handler('changepassword', 'ldap')
+    @event_handler('deleteuser', 'ldap')
+    def event_handler_ldap(self, payload):
+        f = open(self.ldaplog, mode='a', encoding='utf-8')
+        f.write(payload)
+        f.close
+

nameko.conf

@@ -0,0 +1,13 @@
+[System]
+
+RABBITMQ = guest:guest@localhost
+
+LOGDIR = /home/downhill/ungleich/dal/
+
+[LDAP]
+
+SERVERMULTIPLE = 1
+
+LDAPSERVER1 = localhost
+
+LDAPDATA = ,ou=customers,dc=foo,dc=bar

requirements.txt

@@ -0,0 +1,4 @@
+django>=2.1.2
+django-auth-ldap>=1.7.0
+nameko>=2.11.0
+ldap3>=2.5.1