unit
/
ldap-panel
9
0
Fork 1
Code Issues 1 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
24 KiB
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
ldap-panel/app.py

97 lines
2.5 KiB
Raw Permalink Blame History 

  1. #!/usr/bin/env python3

  2. 

  3. import os

  4. from os import path

  5. 

  6. from configparser import ConfigParser

  7. 

  8. import bottle

  9. from bottle import get, post, static_file, request, route, template

  10. from bottle import SimpleTemplate

  11. 

  12. import ldap

  13. 

  14. 

  15. @get('/')

  16. def get_index():

  17.     return index_tpl()

  18. 

  19. 

  20. @post('/')

  21. def post_index():

  22.     form = request.forms.getunicode

  23. 

  24.     def error(msg):

  25.         return index_tpl(username=form('username'), alerts=[('error', msg)])

  26. 

  27.     if form('new-password') != form('confirm-password'):

  28.         return error("Password doesn't match the confirmation!")

  29. 

  30.     if len(form('new-password')) < 8:

  31.         return error("Password must be at least 8 characters long!")

  32. 

  33.     try:

  34.         ldap_change_password(form('username'),

  35.                              form('old-password'), form('new-password'))

  36.     except Error as e:

  37.         print("Unsuccessful attemp to change password for {}: {}"

  38.               .format(form('username'), str(e)))

  39.         return error(str(e))

  40. 

  41.     print("Password successfully changed for: {}"

  42.           .format(form('username')))

  43. 

  44.     return index_tpl(alerts=[('success', "Password has been changed")])

  45. 

  46. 

  47. @route('/static/<filename>', name='static')

  48. def serve_static(filename):

  49.     return static_file(filename, root=path.join(BASE_DIR, 'static'))

  50. 

  51. 

  52. def index_tpl(**kwargs):

  53.     return template('index', **kwargs)

  54. 

  55. 

  56. def ldap_change_password(username, old, new):

  57.     dn_name = "uid={},{}".format(username, CONF['ldap']['base'])

  58.     l = ldap.initialize(CONF['ldap']['host'])

  59.     l.set_option(ldap.OPT_X_TLS_CACERTFILE, CONF['ldap']['tls_cacert'])

  60.     l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)

  61.     if CONF['ldap']['tls'] == "True":

  62.         l.start_tls_s()

  63.     l.simple_bind_s(dn_name, old)

  64.     l.passwd_s(dn_name, old, new)

  65.     l.unbind_s()

  66. 

  67. 

  68. def read_config():

  69.     config = ConfigParser()

  70.     config.read([path.join(BASE_DIR, 'settings.ini'),

  71.                 os.getenv('CONF_FILE', '')])

  72.     return config

  73. 

  74. 

  75. class Error(Exception):

  76.     pass

  77. 

  78. 

  79. BASE_DIR = path.dirname(__file__)

  80. CONF = read_config()

  81. 

  82. ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)

  83. 

  84. bottle.TEMPLATE_PATH = [BASE_DIR]

  85. 

  86. # Set default attributes to pass into templates.

  87. SimpleTemplate.defaults = dict(CONF['html'])

  88. SimpleTemplate.defaults['url'] = bottle.url

  89. 

  90. 

  91. # Run bottle internal server when invoked directly (mainly for development).

  92. if __name__ == '__main__':

  93.     bottle.run(**CONF['server'])

  94. # Run bottle in application mode (in production under uWSGI server).

  95. else:

  96.     application = bottle.default_app()