bugfixing

downhill 2018-10-23 18:13:25 +02:00
parent d12a09a98e
commit 5b7d67838b
4 changed files with 19 additions and 10 deletions


@ -23,10 +23,11 @@ config.read('userservice.conf')
# LDAP config # LDAP config
AUTH_LDAP_SERVER_URI = config['LDAP']['LDAPSERVER']
# The search user # The search user
AUTH_LDAP_BIND_DN = config['LDAP']['SEARCHUSER'] AUTH_LDAP_BIND_DN = config['LDAP']['SEARCHUSER']
# The password for the search user # The password for the search user
AUTH_LDAP_BIND_PASSWORD = config['LDAP']['SEARCHUSERPASSWORD'] AUTH_LDAP_BIND_PASSWORD = config.get('LDAP','SEARCHUSERPASSWORD', raw=True)
# Search union over two ou # Search union over two ou
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion( AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
LDAPSearch("ou=users,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"), LDAPSearch("ou=users,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
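Review bot: `AUTH_LDAP_SERVER_URI` is taken straight from `config['LDAP']['LDAPSERVER']` with no check on the scheme, so a config that says `ldap://` would send the search user's bind password (and, with the usual bind-as-user check, login passwords) unencrypted. The shipped config value uses `ldaps://`, but nothing in settings enforces it; a guard such as `if not AUTH_LDAP_SERVER_URI.startswith('ldaps://'): raise ImproperlyConfigured('LDAPSERVER must use ldaps://')` would fail closed at startup. The `raw=True` line would also benefit from a comment, e.g. `# raw=True: the password may contain '%', which configparser would otherwise treat as interpolation`.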


@ -100,6 +100,11 @@ class Register(View):
if password1 != password2: if password1 != password2:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, return render(request, 'error.html', { 'urlname': urlname, 'service': service,
'error': 'Your passwords did not match. Please supply the same password twice.' } ) 'error': 'Your passwords did not match. Please supply the same password twice.' } )
# check for at least a bit of length on the password
if len(password1) < 8:
return render(request, 'error.html', { 'urlname': urlname, 'service': service,
'error': 'Your password is too short, please use a longer one. At least 8 characters.' } )
email = request.POST.get('email') email = request.POST.get('email')
# Is the emailaddress valid? # Is the emailaddress valid?
try: try:
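Review bot: The new length check calls `len(password1)` without handling a missing field. How the two passwords are read is outside this hunk, but if they come from `request.POST.get` and both are absent, they compare equal as `None` and `len(None)` raises TypeError instead of rendering the error page; `if not password1 or len(password1) < 8:` covers that case. The 8-character minimum is also enforced only in this view, and the password-change path is not shown applying the same rule, so a single shared check (for example Django's `validate_password` driven by `AUTH_PASSWORD_VALIDATORS`) would keep both paths consistent. The Register method continues outside the hunk.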


@ -10,4 +10,6 @@ RABBITMQ = guest:guest@127.0.0.1
SEARCHUSER = uid=search,ou=system,dc=ungleich,dc=ch SEARCHUSER = uid=search,ou=system,dc=ungleich,dc=ch
SEARCHUSERPASSWORD = fnord SEARCHUSERPASSWORD = fnord
# Set up which LDAP server to query for auth
LDAPSERVER = ldaps://ldap1.ungleich.ch
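Review bot: The config file does not say that the two password keys are now read with `raw=True` while the other keys presumably still go through configparser interpolation. A comment next to them would save an operator from guessing, e.g. `# Passwords are read raw: a literal % needs no escaping here, but must be written %% in the other keys`. Because this tracked file carries bind passwords, it would also help to state in it that real values belong in a deployment-local copy with restricted permissions.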


@ -43,7 +43,7 @@ def ldapservers():
# returns the full dn # returns the full dn
def user_or_customer(uid): def user_or_customer(uid):
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
conn.bind() conn.bind()
search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid) search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
if search_customers: if search_customers:
@ -67,7 +67,7 @@ class UserLookUp(object):
# Setup the search parameter and connect to LDAP # Setup the search parameter and connect to LDAP
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
conn.bind() conn.bind()
# Strange result. It keeps complaining LDAP_UID not set if I try to directly # Strange result. It keeps complaining LDAP_UID not set if I try to directly
# substitute x and y to the if # substitute x and y to the if
@ -96,7 +96,7 @@ class CreateUser(object):
def create_user(self, user, password, firstname, lastname, email): def create_user(self, user, password, firstname, lastname, email):
# Creates a user with some basic data # Creates a user with some basic data
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
if not conn.bind(): if not conn.bind():
self.dispatch('ldap', '%s [Error CreateUser] Could not connect to LDAPserver\n' % datetime.now() ) self.dispatch('ldap', '%s [Error CreateUser] Could not connect to LDAPserver\n' % datetime.now() )
return "Could not connect to LDAP Server." return "Could not connect to LDAP Server."
@ -132,8 +132,9 @@ class CreateUser(object):
newuid = 0 newuid = 0
uidlist = [] uidlist = []
for c in conn.response: for c in conn.response:
uidlist.append(c['attribute']['uidNumber']) uidlist.append(c['attributes']['uidNumber'])
newuid = sorted(uidlist)[len(uidlist)-1] # New uid is highest old uidnumber plus one
newuid = (sorted(uidlist)[len(uidlist)-1] + 1)
return newuid return newuid
@ -148,7 +149,7 @@ class GetUserData(object):
# Setup the search parameter and connect to LDAP # Setup the search parameter and connect to LDAP
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
conn.bind() conn.bind()
if not conn.bound: if not conn.bound:
self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() ) self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() )
@ -193,7 +194,7 @@ class ChangeUserData(object):
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
# Establish connection with a user who can change the data # Establish connection with a user who can change the data
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
if not conn.bind(): if not conn.bind():
self.dispatch('ldap', '%s [Error ChangeUserData] Could not connect to LDAP server.\n' % datetime.now() ) self.dispatch('ldap', '%s [Error ChangeUserData] Could not connect to LDAP server.\n' % datetime.now() )
return "Could not connect to LDAP server." return "Could not connect to LDAP server."
@ -241,7 +242,7 @@ class ChangePassword(object):
def change_password(self, user, newpassword): def change_password(self, user, newpassword):
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
if not conn.bind(): if not conn.bind():
self.dispatch('ldap', '%s [Error ChangePassword] Could not connect to LDAP server.\n' % datetime.now() ) self.dispatch('ldap', '%s [Error ChangePassword] Could not connect to LDAP server.\n' % datetime.now() )
return "Could not connect to LDAP server." return "Could not connect to LDAP server."
@ -284,7 +285,7 @@ class DeleteUser(object):
def delete_user(self, user): def delete_user(self, user):
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD']) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
conn.bind() conn.bind()
if not conn.bound: if not conn.bound:
self.dispatch('ldap', '%s [Error DeleteUser] Could not connect to LDAP server.\n' % datetime.now() ) self.dispatch('ldap', '%s [Error DeleteUser] Could not connect to LDAP server.\n' % datetime.now() )
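Review bot: The search in user_or_customer builds its filter as `'(%s)' % uid`, and the UserLookUp, GetUserData, ChangeUserData, ChangePassword and DeleteUser hunks build `LDAP_UID = 'uid=%s' % user` the same way, so a value containing LDAP filter metacharacters changes the query that runs under the LDAPMANAGER bind. If this is ldap3, as the `Connection`/`conn.bound` usage suggests, escape the value before formatting, e.g. `LDAP_UID = 'uid=%s' % escape_filter_chars(user)` with `from ldap3.utils.conv import escape_filter_chars`; where LDAP_UID ends up in a DN rather than a filter, DN escaping is needed instead. Separately, the uid allocation hunk raises IndexError when the search returns no entries, and two concurrent registrations can compute the same `newuid`, so uniqueness of uidNumber has to be enforced by the directory or a lock rather than by `sorted(uidlist)[len(uidlist)-1] + 1` alone. All of these function bodies continue outside the hunks shown.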