From 1845fe73afc7c42558eb1c1834d4a6247cc01fac Mon Sep 17 00:00:00 2001
From: Patrick <patrick@fet.at>
Date: Tue, 11 Aug 2020 14:25:38 +0000
Subject: [PATCH] add ldap3 for authentification (use a testserver),
 login/logout from django, my own decorator and test-template for login

---
 fet2020/accounts/authentications.py   |  27 ++++++
 fet2020/accounts/decorators.py        |  11 +++
 fet2020/accounts/urls.py              |   8 ++
 fet2020/accounts/views.py             |  68 +++++++-------
 fet2020/documents/views.py            |   3 +-
 fet2020/fet2020/urls.py               |   1 +
 fet2020/templates/accounts/login.html | 123 ++++++++++++++++++++++++++
 7 files changed, 205 insertions(+), 36 deletions(-)
 create mode 100644 fet2020/accounts/authentications.py
 create mode 100644 fet2020/accounts/decorators.py
 create mode 100644 fet2020/accounts/urls.py
 create mode 100644 fet2020/templates/accounts/login.html

diff --git a/fet2020/accounts/authentications.py b/fet2020/accounts/authentications.py
new file mode 100644
index 00000000..cf928a75
--- /dev/null
+++ b/fet2020/accounts/authentications.py
@@ -0,0 +1,27 @@
+import ldap3
+
+
+def authentication(username, password):
+    # no empty passwords
+    if password is None or password.strip() == "":
+        # messages.info("username:%s Login denied for blank password", username)
+        return None
+
+    # username format
+    new_username = 'uid={username}, cn=users, cn=accounts, dc=demo1, dc=freeipa, dc=org'
+    userdn = new_username.format(username=username)
+
+    server_uri = 'ipa.demo1.freeipa.org'
+    server = ldap3.Server(server_uri, get_info=ldap3.ALL)
+
+    try:
+        ldap3.Connection(
+            server,
+            userdn,
+            password,
+            auto_bind=True,
+        )
+    except ldap3.core.exceptions.LDAPBindError:
+        username = None
+
+    return username
diff --git a/fet2020/accounts/decorators.py b/fet2020/accounts/decorators.py
new file mode 100644
index 00000000..db0e0b60
--- /dev/null
+++ b/fet2020/accounts/decorators.py
@@ -0,0 +1,11 @@
+from django.shortcuts import redirect
+
+
+def unauthenticated_user(view_func):
+    def wrapper_func(request, *args, **kwargs):
+        if request.user.is_authenticated:
+            return redirect('home')
+        else:
+            return view_func(request, *args, **kwargs)
+
+    return wrapper_func
diff --git a/fet2020/accounts/urls.py b/fet2020/accounts/urls.py
new file mode 100644
index 00000000..7c084c15
--- /dev/null
+++ b/fet2020/accounts/urls.py
@@ -0,0 +1,8 @@
+from django.urls import path
+from . import views
+
+
+urlpatterns = [
+    path('login/', views.loginPage, name="login"),
+    path('logout/', views.logoutUser, name="logout"),
+]
diff --git a/fet2020/accounts/views.py b/fet2020/accounts/views.py
index bd388ef9..7ec72d10 100644
--- a/fet2020/accounts/views.py
+++ b/fet2020/accounts/views.py
@@ -1,40 +1,40 @@
-# from django.shortcuts import render
+from django.shortcuts import render, redirect
+from django.contrib.auth import login, logout
+from django.contrib import messages
+from django.contrib.auth.models import User
 
-# Create your views here.
-##############################
-import ldap3
-from pprint import pprint
+from .authentications import authentication
+# from .decorators import unauthenticated_user
 
 
-server_uri = 'ipa.demo1.freeipa.org'
-search_base = 'ou=users,dc=example,dc=com'
-search_filter = '(uid=rob)'
-attrs = ['*']
+# @unauthenticated_user
+def loginPage(request):
+    """
+    if request.user.is_authenticated:
+        return redirect('home')
+    else:
+    """
+    if request.method == 'POST':
+        username = request.POST.get('username')
+        password = request.POST.get('password')
 
-# Using ldap3
-server = ldap3.Server(server_uri, get_info='ALL')
-with ldap3.Connection(server, auto_bind=True) as conn:
-    conn.search(search_base, search_filter, attributes=attrs)
-    pprint(conn.entries)
-    pprint(server.info)
+        auth_user = authentication(username, password)
 
-# [DN: uid=rob,ou=users,dc=example,dc=com
-# cn: Rob McBroom
-# displayName: Rob McBroom
-# gidNumber: 99999
-# givenName: Rob
-# homeDirectory: /home/rob
-# homePhone: 800-555-1212
-# host: *
-# loginShell: /bin/zsh
-# mail: rob@example.com
-# objectClass: top
-# inetOrgPerson
-# hostObject
-# posixAccount
-# sn: McBroom
-# uid: rob
-# uidNumber: 99999
-# ]
+        if auth_user is not None:
+            try:
+                user = User.objects.get(username=username)
+            except User.DoesNotExist:
+                user = User.objects.create_user(auth_user)
 
-########################################
+            login(request, user)
+            return redirect('home')
+        else:
+            messages.info(request, 'username OR password is incorrect')
+
+    context = {}
+    return render(request, 'accounts/login.html', context)
+
+
+def logoutUser(request):
+    logout(request)
+    return redirect('home')
diff --git a/fet2020/documents/views.py b/fet2020/documents/views.py
index c9efabe6..1cc9d7cc 100644
--- a/fet2020/documents/views.py
+++ b/fet2020/documents/views.py
@@ -5,7 +5,7 @@ from django.shortcuts import render
 
 # from django.http import HttpResponseRedirect
 # from django.template import RequestContext
-from django.contrib.auth.decorators import login_required
+# from django.contrib.auth.decorators import login_required
 # from django.utils.translation import ugettext_lazy as _
 # import urllib
 from urllib.parse import urlparse
@@ -18,7 +18,6 @@ import datetime
 SERVER_URL = "http://etherpad.2020.fet.at/"
 
 
-@login_required
 def document(request, id=None):
     """Create and session and display an embedded pad
     """
diff --git a/fet2020/fet2020/urls.py b/fet2020/fet2020/urls.py
index 00ea79d6..2b63f7d9 100644
--- a/fet2020/fet2020/urls.py
+++ b/fet2020/fet2020/urls.py
@@ -36,4 +36,5 @@ urlpatterns = [
     path('ckeditor/', include('ckeditor_uploader.urls')),
     path('api/', include(router.urls)),
     path('members/', include('members.urls')),
+    path('accounts/', include('accounts.urls')),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
diff --git a/fet2020/templates/accounts/login.html b/fet2020/templates/accounts/login.html
new file mode 100644
index 00000000..85620a87
--- /dev/null
+++ b/fet2020/templates/accounts/login.html
@@ -0,0 +1,123 @@
+<!DOCTYPE html>
+<html>
+    
+<head>
+	<title>Login</title>
+	<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
+	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+	<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.1/css/all.css" integrity="sha384-gfdkjb5BdAXd+lj+gudLWI+BXq4IuLW5IT+brZEZsLFm++aCMlF1V92rMkPaX4PP" crossorigin="anonymous">
+
+
+	<style>
+		body,
+		html {
+			margin: 0;
+			padding: 0;
+			height: 100%;
+			background: #7abecc !important;
+		}
+		.user_card {
+			width: 350px;
+			margin-top: auto;
+			margin-bottom: auto;
+			background: #74cfbf;
+			position: relative;
+			display: flex;
+			justify-content: center;
+			flex-direction: column;
+			padding: 10px;
+			box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			-webkit-box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			-moz-box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			border-radius: 5px;
+
+		}
+
+		.form_container {
+			margin-top: 20px;
+		}
+
+		#form-title{
+			color: #fff;
+			
+		}
+
+		.login_btn {
+			width: 100%;
+			background: #33ccff !important;
+			color: white !important;
+		}
+		.login_btn:focus {
+			box-shadow: none !important;
+			outline: 0px !important;
+		}
+		.login_container {
+			padding: 0 2rem;
+		}
+		.input-group-text {
+			background: #f7ba5b !important;
+			color: white !important;
+			border: 0 !important;
+			border-radius: 0.25rem 0 0 0.25rem !important;
+		}
+		.input_user,
+		.input_pass:focus {
+			box-shadow: none !important;
+			outline: 0px !important;
+		}
+
+		#messages{
+			background-color: grey;
+			color: #fff;
+			padding: 10px;
+			margin-top: 10px;
+		}
+	</style>
+
+</head>
+<body>
+	<div class="container h-100">
+		<div class="d-flex justify-content-center h-100">
+			<div class="user_card">
+				<div class="d-flex justify-content-center">
+
+
+					<h3 id="form-title">LOGIN</h3>
+				</div>
+				<div class="d-flex justify-content-center form_container">
+					<form method="POST" action="">
+						{% csrf_token %}
+						<div class="input-group mb-3">
+							<div class="input-group-append">
+								<span class="input-group-text"><i class="fas fa-user"></i></span>
+							</div>
+
+							<input type="text" name="username" placeholder="Username..." class="form-control">
+						</div>
+
+						<div class="input-group mb-2">
+							<div class="input-group-append">
+								<span class="input-group-text"><i class="fas fa-key"></i></span>
+							</div>
+
+								<input type="password" name="password" placeholder="Password..." class="form-control" >
+						</div>
+
+							<div class="d-flex justify-content-center mt-3 login_container">
+				 				<input class="btn login_btn" type="submit" value="Login">
+				   			</div>
+					</form>
+
+				</div>
+
+				{% for message in messages %}
+					<p id="messages">{{message}}</p>
+				{% endfor %}
+					
+				</div>
+			</div>
+		</div>
+	</div>
+</body>
+
+</html>
\ No newline at end of file