summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomek Dubrownik <t.dubrownik@gmail.com>2012-09-15 01:38:30 +0200
committerTomek Dubrownik <t.dubrownik@gmail.com>2012-09-15 01:38:30 +0200
commitc0e8cc2ccf39a6b6b23a9503e8ebb9ee287ed675 (patch)
tree161af6c72defc5fb598d666084b51af248b53d79
parent3cb096cc76c7463a0f94649d1fe321c2b7cbffe7 (diff)
downloadcheckinator-c0e8cc2ccf39a6b6b23a9503e8ebb9ee287ed675.tar.gz
checkinator-c0e8cc2ccf39a6b6b23a9503e8ebb9ee287ed675.tar.bz2
checkinator-c0e8cc2ccf39a6b6b23a9503e8ebb9ee287ed675.zip
basic ldap support, needs SSL verify
-rw-r--r--at.py84
-rw-r--r--dbsetup.sql9
-rw-r--r--templates/account.html21
-rw-r--r--templates/basic.html2
-rw-r--r--templates/main.html8
5 files changed, 29 insertions, 95 deletions
diff --git a/at.py b/at.py
index 8bbd84b..094fcd0 100644
--- a/at.py
+++ b/at.py
@@ -4,6 +4,9 @@ import sqlite3
import threading
import traceback
import json
+import requests
+import os
+import logging
from flask import Flask, render_template, abort, g, \
redirect, session, request, flash, url_for
from werkzeug.contrib.fixers import ProxyFix
@@ -44,6 +47,10 @@ def req_to_ctx():
def strfts(ts, format='%d/%m/%Y %H:%M'):
return datetime.fromtimestamp(ts).strftime(format)
+@app.template_filter('wikiurl')
+def wikiurl(user):
+ return config.wiki_url % { 'login': user }
+
@app.before_request
def make_connection():
conn = sqlite3.connect(config.db)
@@ -56,18 +63,15 @@ def close_connection(exception):
g.db.close()
DeviceInfo = namedtuple('DeviceInfo', ['hwaddr', 'name', 'owner', 'ignored'])
-User = namedtuple('User', ['id', 'login', 'passwd', 'url'])
def get_device_info(conn, hwaddr):
return list(get_device_infos(conn, (hwaddrs,)))[0]
def get_device_infos(conn, hwaddrs):
- stmt = '''select hwaddr, name, ignored, userid, login, url from
- devices left join users on devices.owner = users.userid
- where devices.hwaddr in (''' + ','.join(['?'] * len(hwaddrs)) + ')'
+ stmt = '''select hwaddr, name, ignored, owner from
+ devices where devices.hwaddr in (''' + ','.join(['?'] * len(hwaddrs)) + ')'
for row in conn.execute(stmt, hwaddrs):
- owner = User(row['userid'], row['login'], None, row['url']) \
- if row['login'] else None
+ owner = row['owner'] or ''
ignored = row['ignored']
yield DeviceInfo(row['hwaddr'], row['name'], owner, ignored)
@@ -78,6 +82,7 @@ class Updater(threading.Thread):
self.lease_offset = lease_offset
self.active = {}
threading.Thread.__init__(self, *a, **kw)
+ self.daemon = True
def purge_stale(self):
now = time()
for addr, (atime, ip, name) in self.active.items():
@@ -134,7 +139,6 @@ class MtimeUpdater(Updater):
def file_changed(self, f):
pass
def run(self):
- import os
while True:
try:
mtime = os.stat(self.lease_file).st_mtime
@@ -190,10 +194,9 @@ def list_all():
result = now_at()
def prettify_user((user, atime)):
return {
- 'login': user.login,
+ 'login': user,
'timestamp': atime,
'pretty_time': strfts(atime),
- 'url': user.url,
}
result['users'] = map(prettify_user, result['users'])
result['unknown'] = len(result['unknown'])
@@ -212,45 +215,18 @@ def now_at():
restrict_to_hs = restrict_ip(prefix=config.claimable_prefix,
exclude=config.claimable_exclude)
-@app.route('/register', methods=['GET'])
-@restrict_to_hs
-def register_form():
- return render_template('register.html', **req_to_ctx())
-
-@app.route('/register', methods=['POST'])
-@restrict_to_hs
-def register():
- login = request.form['login'].lower()
- url = request.form['url']
- if 'wiki' in request.form:
- url = config.wiki_url % { 'login': login }
- try:
- g.db.execute('insert into users (login, url, pass) values (?, ?, ?)',
- [login, url, sha256(request.form['password']).hexdigest()])
- return redirect('/')
- except sqlite3.Error as e:
- flash('Cannot add user - username taken?', category='error')
- return register_form()
-
@app.route('/login', methods=['GET'])
def login_form():
return render_template('login.html', **req_to_ctx())
-def get_user(conn, login, password):
- row = conn.execute('select userid, login, pass, url from users where\
- login = ? and pass = ?', [login, sha256(password).hexdigest()]).fetchone()
- return row and User(row['userid'], row['login'], None, row['url'])
-
@app.route('/login', methods=['POST'])
def login():
login = request.form.get('login', '').lower()
pwd = request.form.get('password', '')
goto = request.values.get('goto') or '/'
- user = get_user(g.db, login, pwd)
- if user:
- session['userid'] = user.id
- session['login'] = user.login
- session['user'] = user
+ if requests.post('https://auth.hackerspace.pl', verify=False,
+ data = { 'login': login, 'password': pwd }).status_code == 200:
+ session['login'] = login
return redirect(goto)
else:
flash('Username or password invalid', category='error')
@@ -264,7 +240,7 @@ def logout():
def login_required(f):
@wraps(f)
def func(*a, **kw):
- if 'userid' not in session:
+ if 'login' not in session:
flash('You must log in to continue', category='error')
return redirect('/login?' +
urlencode({'goto': request.path}))
@@ -287,10 +263,10 @@ def claim():
if not hwaddr:
ctx = { 'error': 'Invalid device.' }
else:
- userid = session['userid']
+ login = session['login']
try:
g.db.execute('insert into devices (hwaddr, name, owner, ignored)\
- values (?, ?, ?, ?)', [hwaddr, request.form['name'], userid, False])
+ values (?, ?, ?, ?)', [hwaddr, request.form['name'], login, False])
ctx = {}
except sqlite3.Error as e:
ctx = { 'error': 'Could not add device! Perhaps someone claimed it?' }
@@ -298,39 +274,28 @@ def claim():
def get_user_devices(conn, user):
devs = conn.execute('select hwaddr, name, ignored from devices where\
- owner = ?', [user.id])
+ owner = ?', [user])
return (DeviceInfo(row['hwaddr'], row['name'], user, row['ignored']) for
row in devs)
-def set_password(conn, user, password):
- return conn.execute('update users set pass = ? where userid = ?',
- [sha256(password).hexdigest(), user.id])
-
-@app.route('/account', methods=['GET','POST'])
+@app.route('/account', methods=['GET'])
@login_required
def account():
- if request.method == 'POST':
- old = request.form['old']
- if get_user(g.db, session['login'], old) and \
- set_password(g.db, session['user'], request.form['new']):
- flash('Password changed', category='message')
- else:
- flash('Could not change password!', category='error')
- devices = get_user_devices(g.db, session['user'])
+ devices = get_user_devices(g.db, session['login'])
return render_template('account.html', devices=devices)
def set_ignored(conn, hwaddr, user, value):
return conn.execute('update devices set ignored = ? where hwaddr = ? and owner = ?',
- [value, hwaddr, user.id])
+ [value, hwaddr, user])
def delete_device(conn, hwaddr, user):
return conn.execute('delete from devices where hwaddr = ? and owner = ?',
- [hwaddr, user.id])
+ [hwaddr, user])
@app.route('/devices/<id>/<action>/')
@login_required
def device(id, action):
- user = session['user']
+ user = session['login']
if action == 'hide':
set_ignored(g.db, id, user, True)
if action == 'show':
@@ -341,7 +306,6 @@ def device(id, action):
port = 8080
if __name__ == '__main__':
- import logging
app.logger.setLevel(logging.DEBUG)
updater = DhcpdUpdater(config.lease_file, config.timeout, config.lease_offset)
updater.start()
diff --git a/dbsetup.sql b/dbsetup.sql
index 441a266..6f85b51 100644
--- a/dbsetup.sql
+++ b/dbsetup.sql
@@ -1,13 +1,6 @@
-create table users (
- userid integer primary key,
- login varchar(50) unique not null,
- pass character(64),
- url varchar(300)
-);
-
create table devices (
hwaddr character(17) primary key,
name varchar(50),
- owner integer references users(userid),
+ owner varchar(100) not null,
ignored boolean
);
diff --git a/templates/account.html b/templates/account.html
index 91cd668..5e8272a 100644
--- a/templates/account.html
+++ b/templates/account.html
@@ -5,27 +5,6 @@
{% for msg in get_flashed_messages(True) %}
<p class="{{ msg[0] }}">{{ msg[1] }}</p>
{% endfor %}
-<h3>Change password</h3>
-<form action="" method="POST">
- <table>
- <label><tr>
- <td>Current password:</td>
- <td><input type="password" name="old"></td>
- </tr></label>
- <label><tr>
- <td>New password:</td>
- <td><input type="password" name="new"></td>
- </tr></label>
- <label><tr>
- <td>Confirm new password:</td>
- <td><input type="password" name="new2"></td>
- </tr></label>
- <label><tr>
- <td></td>
- <td><input type="submit" value="Save"></td>
- </tr></label>
- </table>
-</form>
<h3>Claimed devices</h3>
<table class="devices">
<tr>
diff --git a/templates/basic.html b/templates/basic.html
index 2ff8808..09e954f 100644
--- a/templates/basic.html
+++ b/templates/basic.html
@@ -14,7 +14,7 @@
<a href="account">account</a> |
<a href="logout">log out</a>
{% else %}
- <a href="login">login</a> | <a href="register">register</a>
+ <a href="login">login</a>
{% endif %}
</div>
{% block content %}
diff --git a/templates/main.html b/templates/main.html
index e141ef6..629db02 100644
--- a/templates/main.html
+++ b/templates/main.html
@@ -8,11 +8,9 @@ Now at hackerspace
<ul>
{% for user, timestamp in users %}
<li>
- {% if user.url %}
- <a href="{{ user.url }}">{% endif %}
- {{ user.login }} ({{ timestamp|strfts() }})
- {% if user.url %}</a>
- {% endif %}
+ <a href="{{ user | wikiurl }}">
+ {{ user }} ({{ timestamp|strfts() }})
+ </a>
</li>
{% endfor %}
</ul>