segurtasuna hobetzeko lanetan
parent
6094fc1156
commit
0136747a7f
BIN
.app.py.swp
BIN
.app.py.swp
Binary file not shown.
Binary file not shown.
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,5 +1,6 @@
|
|||||||
/settings.ini
|
/settings.ini
|
||||||
/settings.ini.example.original
|
/settings.ini.example.original
|
||||||
/uwsgi.ini
|
/uwsgi.ini
|
||||||
|
/*.sw*
|
||||||
session
|
session
|
||||||
libs/__pycache__
|
libs/__pycache__
|
BIN
.user.tpl.swp
BIN
.user.tpl.swp
Binary file not shown.
22
app.py
22
app.py
@ -24,7 +24,7 @@ from bottle import SimpleTemplate
|
|||||||
from bottle.ext import beaker
|
from bottle.ext import beaker
|
||||||
from configparser import ConfigParser
|
from configparser import ConfigParser
|
||||||
from ldap3 import Server, Connection, ALL
|
from ldap3 import Server, Connection, ALL
|
||||||
from ldap3 import SIMPLE, SUBTREE, MODIFY_REPLACE, ALL_ATTRIBUTES
|
from ldap3 import SIMPLE, SUBTREE, MODIFY_REPLACE, MODIFY_ADD, ALL_ATTRIBUTES
|
||||||
from ldap3.core.exceptions import LDAPBindError, LDAPConstraintViolationResult, \
|
from ldap3.core.exceptions import LDAPBindError, LDAPConstraintViolationResult, \
|
||||||
LDAPInvalidCredentialsResult, LDAPUserNameIsMandatoryError, \
|
LDAPInvalidCredentialsResult, LDAPUserNameIsMandatoryError, \
|
||||||
LDAPSocketOpenError, LDAPExceptionError, LDAPAttributeOrValueExistsResult
|
LDAPSocketOpenError, LDAPExceptionError, LDAPAttributeOrValueExistsResult
|
||||||
@ -35,6 +35,7 @@ from libs.localization import *
|
|||||||
from libs.helper import *
|
from libs.helper import *
|
||||||
import random
|
import random
|
||||||
from user_agents import parse
|
from user_agents import parse
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
BASE_DIR = path.dirname(__file__)
|
BASE_DIR = path.dirname(__file__)
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
@ -397,9 +398,7 @@ def login_user_ldap(conf, username, password):
|
|||||||
# Note: raises LDAPUserNameIsMandatoryError when user_dn is None.
|
# Note: raises LDAPUserNameIsMandatoryError when user_dn is None.
|
||||||
with connect_ldap(conf, authentication=SIMPLE, user=user_dn, password=password) as c:
|
with connect_ldap(conf, authentication=SIMPLE, user=user_dn, password=password) as c:
|
||||||
c.bind()
|
c.bind()
|
||||||
#IP helbidea sartu db-an
|
update_login_info(conf, user_dn)
|
||||||
ip = {'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr)}
|
|
||||||
c.add(attributes=ip)
|
|
||||||
newSession().set(get_user_data(user_dn, c))
|
newSession().set(get_user_data(user_dn, c))
|
||||||
LOG.debug("%s logged in to %s" % (username, conf['base']))
|
LOG.debug("%s logged in to %s" % (username, conf['base']))
|
||||||
|
|
||||||
@ -515,9 +514,10 @@ def register(conf, username, firstname, surname, password, email, isFake, device
|
|||||||
uidNumber = find_uid_number(conf,c)+1
|
uidNumber = find_uid_number(conf,c)+1
|
||||||
directory = 'home/user/'+to_ascii(username)
|
directory = 'home/user/'+to_ascii(username)
|
||||||
OBJECT_CLASS = ['top', 'inetOrgPerson', 'posixAccount', 'accountsManagement']
|
OBJECT_CLASS = ['top', 'inetOrgPerson', 'posixAccount', 'accountsManagement']
|
||||||
|
t = datetime.now().strftime('%Y%m%d%H%M%S')+'Z'
|
||||||
attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName':
|
attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName':
|
||||||
firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake,
|
firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake,
|
||||||
'devices':device}
|
'devices':device, 'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr), 'lastLogin': t}
|
||||||
new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base']
|
new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base']
|
||||||
c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes)
|
c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes)
|
||||||
#create/change user password
|
#create/change user password
|
||||||
@ -843,6 +843,18 @@ def get_dev():
|
|||||||
user_agent = parse(ua_string)
|
user_agent = parse(ua_string)
|
||||||
return str(user_agent)
|
return str(user_agent)
|
||||||
|
|
||||||
|
def update_login_info(conf, user_dn):
|
||||||
|
superUser = SuperUsers(conf)
|
||||||
|
with connect_ldap(conf, user=superUser.admin_dn, password=superUser.admin_pwd) as c:
|
||||||
|
ip = request.environ.get('HTTP_X_REAL_IP', request.remote_addr)
|
||||||
|
t = datetime.now().strftime('%Y%m%d%H%M%S')+'Z'
|
||||||
|
c.modify(user_dn, {'ip': [( MODIFY_REPLACE, str(ip) )], 'lastLogin': [( MODIFY_REPLACE, t )] })
|
||||||
|
d = get_dev()
|
||||||
|
if not find_device(conf, c, d):
|
||||||
|
OBJECT_CLASS = ['top', 'inetOrgPerson', 'posixAccount', 'accountsManagement']
|
||||||
|
c.modify(user_dn, {'devices': [( MODIFY_ADD, d )] })
|
||||||
|
c.unbind()
|
||||||
|
|
||||||
class Error(Exception):
|
class Error(Exception):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
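Review bot: In `update_login_info` the `ip` value comes from `request.environ.get('HTTP_X_REAL_IP', request.remote_addr)` and is written under the admin bind, so unless the front proxy always overwrites X-Real-IP a client can choose what lands in its own login record; the header should be honoured only when `request.remote_addr` is the known proxy, and the value checked with `ipaddress.ip_address()` before the modify. The same expression fills the new `ip` attribute in `register`, whose body continues outside its hunk. `lastLogin` is built from `datetime.now()` with a literal `'Z'` appended, which labels local time as UTC; `t = datetime.utcnow().strftime('%Y%m%d%H%M%S')+'Z'` keeps the stamp correct on a non-UTC host, and the same applies to `t` in `register`. `d = get_dev()` is a string derived from `ua_string` (presumably the User-Agent header, set outside the hunk) and is added to `devices` with `MODIFY_ADD` with no length or count limit, while the result of both `c.modify` calls is ignored, so a failed write goes unnoticed or, if the connection raises on errors, aborts the login after a successful bind. `OBJECT_CLASS` is assigned in this function but never used.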
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
11
user.tpl
11
user.tpl
@ -51,6 +51,17 @@
|
|||||||
<a href="/change_pwd">{{ str['edit'] }}</a>
|
<a href="/change_pwd">{{ str['edit'] }}</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="grid-item">
|
||||||
|
<div class="account">
|
||||||
|
<h5>Erregistroak</h5>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="grid-item">
|
||||||
|
<a href="/change_pwd">ikusi</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
<div class="account">
|
<div class="account">
|
||||||
<a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a>
|
<a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a>
|
||||||
<a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a>
|
<a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a>
|
||||||
|
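Review bot: The new `ikusi` link points at `/change_pwd`, the same target as the edit link above it, which looks like a copy-paste placeholder rather than a route for viewing the login records; a user who clicks it lands on the password-change form. The labels `Erregistroak` and `ikusi` are hard-coded while the surrounding template takes its text from `str[...]`, so they will not follow the selected language. Entries such as `{{ str['records'] }}` and `{{ str['view'] }}` (key names constructed here, to be chosen by the project) would match the rest of the file. When the real records view is added, it should show only the logged-in user's own `ip`, `lastLogin` and `devices` values and render them escaped, since they originate from request headers.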