# along with this program. If not, see <http://www.gnu.org/licenses/>.
from mediagoblin.auth.tools import create_basic_user
-from mediagoblin.plugins.ldap.tools import LDAP
from mediagoblin.plugins.ldap import forms
from mediagoblin.tools import pluginapi
routes = [
('mediagoblin.plugins.ldap.register',
'/auth/ldap/register/',
- 'mediagoblin.plugins.ldap.views:register')]
+ 'mediagoblin.plugins.ldap.views:register'),
+ ('mediagoblin.plugins.ldap.login',
+ '/auth/ldap/login/',
+ 'mediagoblin.plugins.ldap.views:login')]
pluginapi.register_routes(routes)
-def check_login_simple(username, password, request):
- l = LDAP(request)
- return l.login(username, password)
-
-
def create_user(register_form):
- user = create_basic_user(register_form)
- return user
+ return create_basic_user(register_form)
-def get_login_form(request):
- return forms.LoginForm(request.form)
+def no_pass_redirect():
+ return 'ldap'
def auth():
return True
-
-def append_to_global_context(context):
- context['pass_auth'] = True
- return context
-
hooks = {
'setup': setup_plugin,
'authentication': auth,
- 'auth_check_login_simple': check_login_simple,
+ 'auth_no_pass_redirect': no_pass_redirect,
'auth_create_user': create_user,
- 'template_global_context': append_to_global_context,
- 'auth_get_login_form': get_login_form,
}
--- /dev/null
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import wtforms
+
+from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
+from mediagoblin.auth.tools import normalize_user_or_email_field
+
+
+class RegisterForm(wtforms.Form):
+ username = wtforms.HiddenField(
+ '',
+ [wtforms.validators.Required(),
+ normalize_user_or_email_field(allow_email=False)])
+ email = wtforms.TextField(
+ _('Email address'),
+ [wtforms.validators.Required(),
+ normalize_user_or_email_field(allow_user=False)])
+
+
+class LoginForm(wtforms.Form):
+ username = wtforms.TextField(
+ _('Username'),
+ [wtforms.validators.Required(),
+ normalize_user_or_email_field()])
+ password = wtforms.PasswordField(
+ _('Password'),
+ [wtforms.validators.Required()])
import logging
from mediagoblin import mg_globals
-from mediagoblin.db.models import User
-from mediagoblin.tools.response import redirect
_log = logging.getLogger(__name__)
class LDAP(object):
- def __init__(self, request):
+ def __init__(self):
self.ldap_settings = mg_globals.global_config['plugins']['mediagoblin.plugins.ldap']
- self.request = request
def _connect(self, server):
_log.info('Connecting to {0}.'.format(server['LDAP_HOST']))
def login(self, username, password):
for k, v in self.ldap_settings.iteritems():
try:
- import ipdb
- ipdb.set_trace()
self._connect(v)
user_dn = v['USER_DN_TEMPLATE'].format(username=username)
self.conn.simple_bind_s(user_dn, password.encode('utf8'))
- return self._get_or_create_user(username)
+ return username
except ldap.LDAPError, e:
_log.info(e)
- return None
-
- def _get_or_create_user(self, username):
- user = User.query.filter_by(
- username=username).first()
-
- if user:
- return user
-
- self.request.session['username'] = username
- redirect(
- self.request, 'mediagoblin.plugins.ldap.register')
+ return False
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from mediagoblin import mg_globals, messages
from mediagoblin.auth.tools import register_user
+from mediagoblin.db.models import User
+from mediagoblin.decorators import allow_registration, auth_enabled
from mediagoblin.plugins.ldap import forms
+from mediagoblin.plugins.ldap.tools import LDAP
+from mediagoblin.tools.translate import pass_to_ugettext as _
from mediagoblin.tools.response import redirect, render_to_response
+@auth_enabled
+def login(request):
+ login_form = forms.LoginForm(request.form)
+
+ login_failed = False
+
+ if request.method == 'POST' and login_form.validate():
+ l = LDAP()
+ username = l.login(login_form.username.data, login_form.password.data)
+
+ if username:
+ user = User.query.filter_by(
+ username=username).first()
+
+ if user:
+ # set up login in session
+ request.session['user_id'] = unicode(user.id)
+ request.session.save()
+
+ if request.form.get('next'):
+ return redirect(request, location=request.form['next'])
+ else:
+ return redirect(request, "index")
+ else:
+ if not mg_globals.app.auth:
+ messages.add_message(
+ request,
+ messages.WARNING,
+ _('Sorry, authentication is disabled on this '
+ 'instance.'))
+ return redirect(request, 'index')
+
+ register_form = forms.RegisterForm(request.form,
+ username=username)
+
+ return render_to_response(
+ request,
+ 'mediagoblin/auth/register.html',
+ {'register_form': register_form,
+ 'post_url': request.urlgen('mediagoblin.plugins.ldap.register')})
+
+ login_failed = True
+
+ return render_to_response(
+ request,
+ 'mediagoblin/auth/login.html',
+ {'login_form': login_form,
+ 'next': request.GET.get('next') or request.form.get('next'),
+ 'login_failed': login_failed,
+ 'post_url': request.urlgen('mediagoblin.plugins.ldap.login'),
+ 'allow_registration': mg_globals.app_config["allow_registration"]})
+
+
+@allow_registration
+@auth_enabled
def register(request):
- username = request.session.pop('username')
- if 'email' in request.session:
- email = request.session.pop('email')
- else:
- email = None
- register_form = forms.RegisterForm(request.form, username=username,
- email=email)
-
- if request.method == 'POST' and register_form.validate():
+ if request.method == 'GET':
+ return redirect(
+ request,
+ 'mediagoblin.plugins.ldap.login')
+
+ register_form = forms.RegisterForm(request.form)
+
+ if register_form.validate():
user = register_user(request, register_form)
if user:
{% endif %}
{% template_hook("login_link") %}
{{ wtforms_util.render_divs(login_form, True) }}
- {% if pass_auth %}
+ {% if pass_auth is defined %}
<p>
<a href="{{ request.urlgen('mediagoblin.auth.forgot_password') }}" id="forgot_password">
{% trans %}Forgot your password?{% endtrans %}</a>
projects / mediagoblin.git / commitdiff