moepman/bk-dss
1
0
Fork 1
mirror of https://github.com/moepman/bk-dss synced 2024-12-22 18:24:27 +01:00
Code Releases Activity

Indention and imports according to PEP8.

Browse Source
This commit is contained in:
Markus 2019-02-09 13:23:36 +01:00
parent f8ef1ec006
commit 8d7b72bf07
1 changed files with 134 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
dss.py
View File

@ -1,16 +1,15 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import uuid
import ldap import ldap
import ldap.modlist import ldap.modlist
import uuid
from flask import Flask, render_template, redirect, url_for, session from flask import Flask, render_template, redirect, url_for, session
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
from wtforms.fields import IntegerField, PasswordField, SelectField, StringField, SubmitField
from wtforms.validators import EqualTo, DataRequired
from passlib.hash import ldap_salted_sha1 from passlib.hash import ldap_salted_sha1
from redis import Redis from redis import Redis
from wtforms.fields import IntegerField, PasswordField, StringField, SubmitField
from wtforms.validators import EqualTo, DataRequired
app = Flask(__name__) app = Flask(__name__)
app.config.from_pyfile('config.cfg') app.config.from_pyfile('config.cfg')
@ -30,21 +29,24 @@ class ReadOnlyField(StringField):
kwargs.setdefault('readonly', True) kwargs.setdefault('readonly', True)
return super(ReadOnlyField, self).__call__(*args, **kwargs) return super(ReadOnlyField, self).__call__(*args, **kwargs)
class CreateForm(FlaskForm): class CreateForm(FlaskForm):
user = StringField('Username', validators = [DataRequired()]) user = StringField('Username', validators=[DataRequired()])
uid = IntegerField('User ID', validators = [DataRequired()]) uid = IntegerField('User ID', validators=[DataRequired()])
gn = StringField('Given Name', validators = [DataRequired()]) gn = StringField('Given Name', validators=[DataRequired()])
sn = StringField('Family Name', validators = [DataRequired()]) sn = StringField('Family Name', validators=[DataRequired()])
pwd1 = PasswordField('Password', validators = [DataRequired()]) pwd1 = PasswordField('Password', validators=[DataRequired()])
pwd2 = PasswordField('Password (repeat)', validators = [DataRequired(), EqualTo('pwd1', "Passwords must match")]) pwd2 = PasswordField('Password (repeat)', validators=[DataRequired(), EqualTo('pwd1', "Passwords must match")])
submit = SubmitField('Submit') submit = SubmitField('Submit')
class EditForm(FlaskForm): class EditForm(FlaskForm):
user = ReadOnlyField('Username') user = ReadOnlyField('Username')
pwd1 = PasswordField('New Password', validators = [DataRequired()]) pwd1 = PasswordField('New Password', validators=[DataRequired()])
pwd2 = PasswordField('New Password (repeat)', validators = [DataRequired(), EqualTo('pwd1', "Passwords must match")]) pwd2 = PasswordField('New Password (repeat)', validators=[DataRequired(), EqualTo('pwd1', "Passwords must match")])
submit = SubmitField('Submit') submit = SubmitField('Submit')
class LoginForm(FlaskForm): class LoginForm(FlaskForm):
user = StringField('Username', validators=[DataRequired()]) user = StringField('Username', validators=[DataRequired()])
pswd = PasswordField('Password', validators=[DataRequired()]) pswd = PasswordField('Password', validators=[DataRequired()])
@ -54,9 +56,11 @@ class LoginForm(FlaskForm):
def makeSecret(password): def makeSecret(password):
return ldap_salted_sha1.encrypt(password) return ldap_salted_sha1.encrypt(password)
def isAdmin(): def isAdmin():
return isLoggedin() and rdb.hget(session['uuid'], 'user') in app.config.get('ADMINS', []) return isLoggedin() and rdb.hget(session['uuid'], 'user') in app.config.get('ADMINS', [])
def isLoggedin(): def isLoggedin():
return 'uuid' in session and rdb.exists(session['uuid']) return 'uuid' in session and rdb.exists(session['uuid'])
@ -91,17 +95,17 @@ def create():
try: try:
l.simple_bind_s(rdb.hget(session['uuid'], 'user'), rdb.hget(session['uuid'], 'pswd')) l.simple_bind_s(rdb.hget(session['uuid'], 'user'), rdb.hget(session['uuid'], 'pswd'))
d = { d = {
'user' : form.user.data, 'user': form.user.data,
'uid' : form.uid.data, 'uid': form.uid.data,
'gn' : form.gn.data, 'gn': form.gn.data,
'sn' : form.sn.data, 'sn': form.sn.data,
'pass' : makeSecret(form.pwd1.data) 'pass': makeSecret(form.pwd1.data)
} }
# add user # add user
user_dn = app.config.get('USER_DN').format(**d) user_dn = app.config.get('USER_DN').format(**d)
attrs = {} attrs = {}
for k,v in app.config.get('USER_ATTRS').iteritems(): for k, v in app.config.get('USER_ATTRS').iteritems():
if isinstance(v, str): if isinstance(v, str):
attrs[k] = v.format(**d) attrs[k] = v.format(**d)
elif isinstance(v, list): elif isinstance(v, list):
@ -172,7 +176,7 @@ def login():
form = LoginForm() form = LoginForm()
if form.validate_on_submit(): if form.validate_on_submit():
if form.user.data.endswith(app.config.get('LDAP_BASE','')): if form.user.data.endswith(app.config.get('LDAP_BASE', '')):
user = form.user.data user = form.user.data
else: else:
user = app.config.get('USER_DN').format(user=form.user.data) user = app.config.get('USER_DN').format(user=form.user.data)
@ -187,7 +191,7 @@ def login():
l.unbind_s() l.unbind_s()
session['uuid'] = str(uuid.uuid4()) session['uuid'] = str(uuid.uuid4())
credentials = { 'user': user, 'pswd': pswd } credentials = {'user': user, 'pswd': pswd}
rdb.hmset(session['uuid'], credentials) rdb.hmset(session['uuid'], credentials)
# TODO refactor this and reuse # TODO refactor this and reuse
rdb.expire(session['uuid'], app.config.get('SESSION_TIMEOUT', 3600)) rdb.expire(session['uuid'], app.config.get('SESSION_TIMEOUT', 3600))