globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

User refactoring

Browse source
This commit is contained in:
Éloi Rivard 2020-08-21 10:23:39 +02:00
parent 7cd6cef5be
commit 5bd409ab7b
4 changed files with 22 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
web/models.py
View file

@ -34,15 +34,26 @@ class User(LDAPObjectHelper):
return user return user
@classmethod @classmethod
def login(cls, login, password): def authenticate(cls, login, password, signin=False):
filter = current_app.config["LDAP"].get("USER_FILTER").format(login=login) filter = current_app.config["LDAP"].get("USER_FILTER").format(login=login)
user = User.get(filter=filter) user = User.get(filter=filter)
if not user or not user.check_password(password): if not user or not user.check_password(password):
return None return None
session["user_dn"] = user.dn if signin:
user.login()
return user return user
def login(self):
session["user_dn"] = self.dn
def logout(self):
try:
del session["user_dn"]
except KeyError:
pass
def check_password(self, password): def check_password(self, password):
conn = ldap.initialize(current_app.config["LDAP"]["URI"]) conn = ldap.initialize(current_app.config["LDAP"]["URI"])
try: try:

4
web/oauth.py
View file

@ -21,7 +21,9 @@ def authorize():
if request.method == "GET": if request.method == "GET":
return render_template("login.html", form=form, menu=False) return render_template("login.html", form=form, menu=False)
if not form.validate() or not User.login(form.login.data, form.password.data): if not form.validate() or not User.authenticate(
form.login.data, form.password.data, True
):
flash(gettext("Login failed, please check your information"), "error") flash(gettext("Login failed, please check your information"), "error")
return render_template("login.html", form=form, menu=False) return render_template("login.html", form=form, menu=False)

2
web/oauth2utils.py
View file

@ -82,7 +82,7 @@ class OpenIDCode(_OpenIDCode):
class PasswordGrant(_ResourceOwnerPasswordCredentialsGrant): class PasswordGrant(_ResourceOwnerPasswordCredentialsGrant):
def authenticate_user(self, username, password): def authenticate_user(self, username, password):
return User.login(username, password) return User.authenticate(username, password)
class RefreshTokenGrant(_RefreshTokenGrant): class RefreshTokenGrant(_RefreshTokenGrant):

8
web/routes.py
View file

@ -24,7 +24,9 @@ def login():
form = LoginForm(request.form or None) form = LoginForm(request.form or None)
if request.form: if request.form:
if not form.validate() or not User.login(form.login.data, form.password.data): if not form.validate() or not User.authenticate(
form.login.data, form.password.data, True
):
flash(gettext("Login failed, please check your information"), "error") flash(gettext("Login failed, please check your information"), "error")
return render_template("login.html", form=form) return render_template("login.html", form=form)
@ -35,8 +37,8 @@ def login():
@bp.route("/logout") @bp.route("/logout")
def logout(): def logout():
if "user_dn" in session: if current_user():
del session["user_dn"] current_user().logout()
return redirect("/") return redirect("/")