Add mifare hash support.
parent
7cb3524679
commit
6d129e9d89
|
@ -4,3 +4,7 @@ DN_STRING = 'uid=%s,ou=People,dc=hackerspace,dc=pl'
|
||||||
FAIL_DELAY = 0.5
|
FAIL_DELAY = 0.5
|
||||||
IRC_BASEDN = 'ou=People,dc=hackerspace,dc=pl'
|
IRC_BASEDN = 'ou=People,dc=hackerspace,dc=pl'
|
||||||
IRC_LDAP_FILTER = '(&(objectClass=hsMember)(ircNick=%s))'
|
IRC_LDAP_FILTER = '(&(objectClass=hsMember)(ircNick=%s))'
|
||||||
|
IRC_MIFARE_FILTER = '(&(objectClass=hsMember)(mifareIDHash=%s))'
|
||||||
|
|
||||||
|
LDAP_BIND_DN = 'cn=auth,ou=Services,dc=hackerspace,dc=pl'
|
||||||
|
LDAP_BIND_PASSWORD = 'insert password here'
|
||||||
|
|
27
auth.py
27
auth.py
|
@ -6,14 +6,18 @@ app = Flask('auth')
|
||||||
app.config.from_object(__name__)
|
app.config.from_object(__name__)
|
||||||
app.config.from_pyfile('auth.cfg')
|
app.config.from_pyfile('auth.cfg')
|
||||||
|
|
||||||
|
def connect_to_ldap():
|
||||||
|
conn = ldap.initialize(app.config['LDAP_URL'])
|
||||||
|
conn.start_tls_s()
|
||||||
|
conn.simple_bind(app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PASSWORD'])
|
||||||
|
|
||||||
@app.route('/', methods=['GET'])
|
@app.route('/', methods=['GET'])
|
||||||
def form():
|
def form():
|
||||||
return render_template('login.html')
|
return render_template('login.html')
|
||||||
|
|
||||||
@app.route('/', methods=['POST'])
|
@app.route('/', methods=['POST'])
|
||||||
def login():
|
def login():
|
||||||
conn = ldap.initialize(app.config['LDAP_URL'])
|
conn = connect_to_ldap()
|
||||||
conn.start_tls_s()
|
|
||||||
res,code = 'OK', 200
|
res,code = 'OK', 200
|
||||||
try:
|
try:
|
||||||
conn.simple_bind_s(app.config['DN_STRING'] % request.form['login'],
|
conn.simple_bind_s(app.config['DN_STRING'] % request.form['login'],
|
||||||
|
@ -29,8 +33,7 @@ def irc_form():
|
||||||
|
|
||||||
@app.route('/irc', methods=['POST'])
|
@app.route('/irc', methods=['POST'])
|
||||||
def irc_nick():
|
def irc_nick():
|
||||||
conn = ldap.initialize(app.config['LDAP_URL'])
|
conn = connect_to_ldap()
|
||||||
conn.start_tls_s()
|
|
||||||
login,code = '', 401
|
login,code = '', 401
|
||||||
try:
|
try:
|
||||||
nick = re.sub(app.config['STRIP_RE'], '', request.form['nick'])
|
nick = re.sub(app.config['STRIP_RE'], '', request.form['nick'])
|
||||||
|
@ -44,5 +47,21 @@ def irc_nick():
|
||||||
code = 500
|
code = 500
|
||||||
return make_response(login, code, { 'Content-Type': 'text/plain' })
|
return make_response(login, code, { 'Content-Type': 'text/plain' })
|
||||||
|
|
||||||
|
@app.route('/mifare', methods=['POST'])
|
||||||
|
def mifare():
|
||||||
|
conn = connect_to_ldap()
|
||||||
|
login,code = '', 401
|
||||||
|
try:
|
||||||
|
h = re.sub(app.config['STRIP_RE'], '', request.form['hash'])
|
||||||
|
res = conn.search_s(app.config['MIFARE_BASEDN'], ldap.SCOPE_SUBTREE,
|
||||||
|
app.config['MIFARE_LDAP_FILTER'] % h)
|
||||||
|
if len(res) == 1:
|
||||||
|
login = res[0][1]['uid'][0]
|
||||||
|
code = 200
|
||||||
|
except ldap.LDAPError as e:
|
||||||
|
print e
|
||||||
|
code = 500
|
||||||
|
return make_response(login, code, { 'Content-Type': 'text/plain' })
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
app.run('0.0.0.0', 8082, debug=True)
|
app.run('0.0.0.0', 8082, debug=True)
|
||||||
|
|
Loading…
Reference in New Issue