tomek
/
auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add mifare hash support.

master
q3k 2013-09-01 14:36:37 +02:00
parent 7cb3524679
commit 6d129e9d89
2 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
auth.cfg.dist
View File

@ -4,3 +4,7 @@ DN_STRING = 'uid=%s,ou=People,dc=hackerspace,dc=pl'
FAIL_DELAY = 0.5
IRC_BASEDN = 'ou=People,dc=hackerspace,dc=pl'
IRC_LDAP_FILTER = '(&(objectClass=hsMember)(ircNick=%s))'
IRC_MIFARE_FILTER = '(&(objectClass=hsMember)(mifareIDHash=%s))'
LDAP_BIND_DN = 'cn=auth,ou=Services,dc=hackerspace,dc=pl'
LDAP_BIND_PASSWORD = 'insert password here'

27
auth.py
View File

@ -6,14 +6,18 @@ app = Flask('auth')
app.config.from_object(__name__)
app.config.from_pyfile('auth.cfg')
def connect_to_ldap():
conn = ldap.initialize(app.config['LDAP_URL'])
conn.start_tls_s()
conn.simple_bind(app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PASSWORD'])
@app.route('/', methods=['GET'])
def form():
return render_template('login.html')
@app.route('/', methods=['POST'])
def login():
conn = ldap.initialize(app.config['LDAP_URL'])
conn.start_tls_s()
conn = connect_to_ldap()
res,code = 'OK', 200
try:
conn.simple_bind_s(app.config['DN_STRING'] % request.form['login'],
@ -29,8 +33,7 @@ def irc_form():
@app.route('/irc', methods=['POST'])
def irc_nick():
conn = ldap.initialize(app.config['LDAP_URL'])
conn.start_tls_s()
conn = connect_to_ldap()
login,code = '', 401
try:
nick = re.sub(app.config['STRIP_RE'], '', request.form['nick'])
@ -44,5 +47,21 @@ def irc_nick():
code = 500
return make_response(login, code, { 'Content-Type': 'text/plain' })
@app.route('/mifare', methods=['POST'])
def mifare():
conn = connect_to_ldap()
login,code = '', 401
try:
h = re.sub(app.config['STRIP_RE'], '', request.form['hash'])
res = conn.search_s(app.config['MIFARE_BASEDN'], ldap.SCOPE_SUBTREE,
app.config['MIFARE_LDAP_FILTER'] % h)
if len(res) == 1:
login = res[0][1]['uid'][0]
code = 200
except ldap.LDAPError as e:
print e
code = 500
return make_response(login, code, { 'Content-Type': 'text/plain' })
if __name__ == '__main__':
app.run('0.0.0.0', 8082, debug=True)