bofh/fet2020
8
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update authentications

Browse Source
This commit is contained in:
Patrick Mayr
2023-08-01 16:02:01 +00:00
parent 70b017af9e
commit 0d17f30d72
2 changed files with 20 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
fet2020/authentications/authentications.py
View File

@@ -18,12 +18,7 @@ def authentication(username, password):
userdn = f"uid={username},ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at" userdn = f"uid={username},ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at"
try: try:
c = Connection(server, user=userdn, password=password) c = Connection(server, user=userdn, password=password, auto_bind=True)
# perform the Bind operation
if not c.bind():
print("error in bind", c.result)
if c.extend.standard.who_am_i(): if c.extend.standard.who_am_i():
return username return username

31
fet2020/authentications/forms.py
View File

@@ -1,6 +1,6 @@
from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.validators import ValidationError from django.core.exceptions import ValidationError
from .authentications import authentication, change_password from .authentications import authentication, change_password
@@ -12,18 +12,17 @@ class LoginForm(AuthenticationForm):
if username is not None and password: if username is not None and password:
auth_user = authentication(username, password) auth_user = authentication(username, password)
if auth_user is None:
raise ValidationError(
"Bitte Benutzername und Passwort korrekt eingeben.",
code="invalid_login",
)
if auth_user:
try: try:
self.user_cache = User.objects.get(username=auth_user.lower()) self.user_cache = User.objects.get(username=auth_user.lower())
except User.DoesNotExist: except User.DoesNotExist:
self.user_cache = User.objects.create_user(auth_user.lower()) self.user_cache = User.objects.create_user(auth_user.lower())
else: finally:
raise self.get_invalid_login_error()
if self.user_cache is None:
raise self.get_invalid_login_error()
else:
self.confirm_login_allowed(self.user_cache) self.confirm_login_allowed(self.user_cache)
return self.cleaned_data return self.cleaned_data
@@ -31,19 +30,19 @@ class LoginForm(AuthenticationForm):
class LdapPasswordChangeForm(PasswordChangeForm): class LdapPasswordChangeForm(PasswordChangeForm):
def clean_old_password(self): def clean_old_password(self):
old_password = self.cleaned_data["old_password"] old_password = self.cleaned_data.get("old_password")
if not authentication(self.user.username, old_password): auth_user = authentication(self.user, old_password)
if auth_user is None:
raise ValidationError( raise ValidationError(
self.error_messages["password_incorrect"], self.error_messages["password_incorrect"],
code="password_incorrect", code="password_incorrect",
) )
return old_password return old_password
def clean(self):
old_password = self.cleaned_data["old_password"]
new_password = self.cleaned_data["new_password1"]
if not change_password(self.user, old_password, new_password):
raise ValidationError("Passwort im LDAP ändern funktioniert nicht.")
def save(self): def save(self):
old_password = self.cleaned_data.get("old_password")
new_password = self.cleaned_data.get("new_password1")
change_password(self.user, old_password, new_password)
return self.user return self.user