2015-06-16 21:57:44 +02:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
|
from flask import Flask, render_template, redirect, url_for, session
|
|
|
|
from flask_wtf import Form
|
2015-06-17 20:13:55 +02:00
|
|
|
import ldap
|
|
|
|
from redis import Redis
|
2015-06-17 20:22:52 +02:00
|
|
|
import uuid
|
2015-06-16 21:57:44 +02:00
|
|
|
from wtforms.fields import PasswordField, SelectField, StringField, SubmitField
|
|
|
|
from wtforms.validators import Required
|
|
|
|
|
|
|
|
app = Flask(__name__)
|
2015-06-17 20:22:52 +02:00
|
|
|
app.config.from_pyfile('config.cfg')
|
2015-06-16 21:57:44 +02:00
|
|
|
app.jinja_env.trim_blocks = True
|
|
|
|
app.jinja_env.lstrip_blocks = True
|
|
|
|
|
2015-06-17 20:22:52 +02:00
|
|
|
rdb = Redis(host=app.config.get('REDIS_HOST', '127.0.0.1'), password=app.config.get('REDIS_PSWD'))
|
2015-06-17 20:13:55 +02:00
|
|
|
|
|
|
|
|
2015-06-18 19:14:24 +02:00
|
|
|
class ReadonlyStringField(StringField):
|
|
|
|
def __call__(self, *args, **kwargs):
|
|
|
|
kwargs.setdefault('readonly', True)
|
|
|
|
return super(ReadonlyStringField, self).__call__(*args, **kwargs)
|
|
|
|
|
|
|
|
class EditForm(Form):
|
|
|
|
user = ReadonlyStringField('Username')
|
|
|
|
pswd = PasswordField('Password')
|
|
|
|
submit = SubmitField('Submit')
|
|
|
|
|
2015-06-17 20:13:55 +02:00
|
|
|
class LoginForm(Form):
|
|
|
|
user = StringField('Username', validators=[Required()])
|
|
|
|
pswd = PasswordField('Password', validators=[Required()])
|
|
|
|
submit = SubmitField('Login')
|
|
|
|
|
2015-06-16 21:57:44 +02:00
|
|
|
|
|
|
|
@app.route('/')
|
|
|
|
def index():
|
2015-06-17 20:34:30 +02:00
|
|
|
nav = None
|
|
|
|
if 'uuid' in session:
|
2015-06-18 19:14:24 +02:00
|
|
|
nav = ['edit', 'logout']
|
2015-06-17 20:34:30 +02:00
|
|
|
else:
|
|
|
|
nav = ['login']
|
|
|
|
|
|
|
|
return render_template('index.html', nav=nav)
|
2015-06-16 21:57:44 +02:00
|
|
|
|
2015-06-17 20:22:52 +02:00
|
|
|
|
2015-06-18 19:14:24 +02:00
|
|
|
@app.route('/edit', methods=['GET', 'POST'])
|
|
|
|
def edit():
|
|
|
|
if 'uuid' not in session:
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
|
|
|
|
nav = ['edit', 'logout']
|
|
|
|
form = EditForm()
|
|
|
|
user = rdb.hgetall(session['uuid'])['user']
|
|
|
|
form.user.data = user
|
|
|
|
return render_template('edit.html', form=form, nav=nav)
|
|
|
|
|
2015-06-17 20:13:55 +02:00
|
|
|
@app.route('/login', methods=['GET', 'POST'])
|
|
|
|
def login():
|
2015-06-17 20:34:30 +02:00
|
|
|
nav = ['login']
|
2015-06-17 20:13:55 +02:00
|
|
|
form = LoginForm()
|
2015-06-17 20:22:52 +02:00
|
|
|
|
2015-06-17 20:13:55 +02:00
|
|
|
if form.validate_on_submit():
|
2015-06-17 20:22:52 +02:00
|
|
|
user = 'cn=' + form.user.data + ',' + app.config.get('LDAP_BASE','')
|
|
|
|
pswd = form.pswd.data
|
|
|
|
l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
|
|
|
|
try:
|
|
|
|
l.simple_bind_s(user, pswd)
|
|
|
|
except ldap.INVALID_CREDENTIALS as e:
|
|
|
|
form.pswd.errors.append(e.message['desc'])
|
|
|
|
l.unbind_s()
|
2015-06-17 20:34:30 +02:00
|
|
|
return render_template('login.html', form=form, nav=nav)
|
2015-06-17 20:22:52 +02:00
|
|
|
l.unbind_s()
|
|
|
|
|
|
|
|
session['uuid'] = str(uuid.uuid4())
|
|
|
|
credentials = { 'user': user, 'pswd': pswd }
|
|
|
|
rdb.hmset(session['uuid'], credentials)
|
|
|
|
# TODO refactor this are reuse, make session timeout a config variable
|
|
|
|
rdb.expire(session['uuid'], 3600)
|
|
|
|
|
2015-06-17 20:13:55 +02:00
|
|
|
return redirect(url_for('index'))
|
2015-06-17 20:34:30 +02:00
|
|
|
return render_template('login.html', form=form, nav=nav)
|
2015-06-16 21:57:44 +02:00
|
|
|
|
2015-06-17 20:22:52 +02:00
|
|
|
|
|
|
|
@app.route('/logout')
|
|
|
|
def logout():
|
2015-06-17 20:34:30 +02:00
|
|
|
if 'uuid' in session:
|
|
|
|
rdb.delete(session['uuid'])
|
2015-06-18 19:14:24 +02:00
|
|
|
del session['uuid']
|
2015-06-17 20:22:52 +02:00
|
|
|
return redirect(url_for('index'))
|
|
|
|
|
|
|
|
|
2015-06-16 21:57:44 +02:00
|
|
|
if __name__ == '__main__':
|
2015-06-17 20:13:55 +02:00
|
|
|
app.run(host='0.0.0.0', port=5000)
|