1
0
mirror of https://github.com/moepman/bk-dss synced 2024-12-22 23:04:26 +01:00

First working login.

This commit is contained in:
Markus 2015-06-17 20:22:52 +02:00
parent a26eb822c6
commit d40dd533a4
3 changed files with 34 additions and 3 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
# config file
config.cfg

View File

@ -3,3 +3,6 @@ SECRET_KEY = "CHANGE!ME"
LDAP_URI = "ldaps://ldap.example.com" LDAP_URI = "ldaps://ldap.example.com"
LDAP_BASE = "ou=people,dc=example,dc=com" LDAP_BASE = "ou=people,dc=example,dc=com"
REDIS_HOST = "127.0.0.1"
REDIS_PSWD = "foobared"

View File

@ -4,15 +4,16 @@ from flask import Flask, render_template, redirect, url_for, session
from flask_wtf import Form from flask_wtf import Form
import ldap import ldap
from redis import Redis from redis import Redis
import uuid
from wtforms.fields import PasswordField, SelectField, StringField, SubmitField from wtforms.fields import PasswordField, SelectField, StringField, SubmitField
from wtforms.validators import Required from wtforms.validators import Required
app = Flask(__name__) app = Flask(__name__)
app.config.from_pyfile('index.cfg') app.config.from_pyfile('config.cfg')
app.jinja_env.trim_blocks = True app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True app.jinja_env.lstrip_blocks = True
rdb = Redis(host='127.0.0.1', password='foobared') rdb = Redis(host=app.config.get('REDIS_HOST', '127.0.0.1'), password=app.config.get('REDIS_PSWD'))
class LoginForm(Form): class LoginForm(Form):
@ -25,13 +26,38 @@ class LoginForm(Form):
def index(): def index():
return render_template('index.html') return render_template('index.html')
@app.route('/login', methods=['GET', 'POST']) @app.route('/login', methods=['GET', 'POST'])
def login(): def login():
form = LoginForm() form = LoginForm()
if form.validate_on_submit(): if form.validate_on_submit():
# TODO implement login with LDAP user = 'cn=' + form.user.data + ',' + app.config.get('LDAP_BASE','')
pswd = form.pswd.data
l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
try:
l.simple_bind_s(user, pswd)
except ldap.INVALID_CREDENTIALS as e:
form.pswd.errors.append(e.message['desc'])
l.unbind_s()
return render_template('login.html', form=form)
l.unbind_s()
session['uuid'] = str(uuid.uuid4())
credentials = { 'user': user, 'pswd': pswd }
rdb.hmset(session['uuid'], credentials)
# TODO refactor this are reuse, make session timeout a config variable
rdb.expire(session['uuid'], 3600)
return redirect(url_for('index')) return redirect(url_for('index'))
return render_template('login.html', form=form) return render_template('login.html', form=form)
@app.route('/logout')
def logout():
session['uuid'] = None
return redirect(url_for('index'))
if __name__ == '__main__': if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000) app.run(host='0.0.0.0', port=5000)