Merge branch 'ldap_auth' of bofh/fet2020 into master

2020-09-03 10:51:04 +02:00
parent 290791465c 3304464294
commit cb5e50502c
13 changed files with 252 additions and 9 deletions
--- a/fet2020/authentications/init.py
+++ b/fet2020/authentications/init.py
--- a/fet2020/authentications/admin.py
+++ b/fet2020/authentications/admin.py
@@ -0,0 +1,3 @@
+# from django.contrib import admin
+
+# Register your models here.
--- a/fet2020/authentications/apps.py
+++ b/fet2020/authentications/apps.py
@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class AuthenticationsConfig(AppConfig):
+    name = 'authentications'
--- a/fet2020/authentications/authentications.py
+++ b/fet2020/authentications/authentications.py
@@ -0,0 +1,35 @@
+import ldap3
+import logging
+from ldap3.core.exceptions import LDAPBindError
+
+logger = logging.getLogger(__name__)
+
+
+def authentication(username, password):
+    # no empty passwords
+    if password is None or password.strip() == "":
+        return None
+
+    # username format
+    new_username = 'uid={username},ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at'
+    userdn = new_username.format(username=username)
+
+    server_uri = 'ldap://gagarin.fet.htu.tuwien.ac.at'
+    server = ldap3.Server(server_uri, port=389, use_ssl=True)
+
+    has_user = False
+
+    try:
+        conn = ldap3.Connection(server, user=userdn, password=password, auto_bind=True)
+        conn.search('dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at', '(objectclass=person)')
+        for user in sorted(conn.entries):
+            if ("DN: uid=" + str(username.lower())) in str(user):
+                has_user = True
+    except LDAPBindError as e:
+        logger.info('Username does not exist. Error: {}'.format(e))
+        username = None
+
+    if not has_user:
+        username = None
+
+    return username
--- a/fet2020/authentications/decorators.py
+++ b/fet2020/authentications/decorators.py
@@ -0,0 +1,21 @@
+from django.shortcuts import redirect
+
+
+def unauthenticated_user(view_func):
+    def wrapper_func(request, *args, **kwargs):
+        if request.user.is_authenticated:
+            return redirect('home')
+        else:
+            return view_func(request, *args, **kwargs)
+
+    return wrapper_func
+
+
+def authenticated_user(view_func):
+    def wrapper_func(request, *args, **kwargs):
+        if request.user.is_authenticated:
+            return view_func(request, *args, **kwargs)
+        else:
+            return redirect('home')
+
+    return wrapper_func
--- a/fet2020/authentications/models.py
+++ b/fet2020/authentications/models.py
@@ -0,0 +1,3 @@
+# from django.db import models
+
+# Create your models here.
--- a/fet2020/authentications/tests.py
+++ b/fet2020/authentications/tests.py
@@ -0,0 +1,3 @@
+# from django.test import TestCase
+
+# Create your tests here.
--- a/fet2020/authentications/urls.py
+++ b/fet2020/authentications/urls.py
@@ -0,0 +1,8 @@
+from django.urls import path
+from . import views
+
+
+urlpatterns = [
+    path('login/', views.loginPage, name="login"),
+    path('logout/', views.logoutUser, name="logout"),
+]
--- a/fet2020/authentications/views.py
+++ b/fet2020/authentications/views.py
@@ -0,0 +1,36 @@
+from django.shortcuts import render, redirect
+from django.contrib.auth import login, logout
+from django.contrib import messages
+from django.contrib.auth.models import User
+
+from .authentications import authentication
+from .decorators import unauthenticated_user, authenticated_user
+
+
+@unauthenticated_user
+def loginPage(request):
+    if request.method == 'POST':
+        username = request.POST.get('username')
+        password = request.POST.get('password')
+
+        auth_user = authentication(username, password)
+
+        if auth_user is not None:
+            try:
+                user = User.objects.get(username=auth_user.lower())
+            except User.DoesNotExist:
+                user = User.objects.create_user(auth_user.lower())
+
+            login(request, user)
+            return redirect('home')
+        else:
+            messages.info(request, 'username or password is incorrect')
+
+    context = {}
+    return render(request, 'authentications/login.html', context)
+
+
+@authenticated_user
+def logoutUser(request):
+    logout(request)
+    return redirect('home')
--- a/fet2020/fet2020/settings.py
+++ b/fet2020/fet2020/settings.py
@@ -115,7 +115,7 @@ DATABASES = {
 }

 AUTHENTICATION_BACKENDS = [
-    'django.contrib.auth.backends.RemoteUserBackend',
+    # 'django.contrib.auth.backends.RemoteUserBackend',
    'django.contrib.auth.backends.ModelBackend',
 ]

--- a/fet2020/fet2020/urls.py
+++ b/fet2020/fet2020/urls.py
@@ -21,6 +21,7 @@ from . import views
 from posts.views import PostViewSet
 from members.views import MemberViewSet
 from rest_framework import routers
+# from authentications.decorators import authenticated_user

 router = routers.DefaultRouter()
 router.register(r'posts', PostViewSet)
@@ -30,6 +31,7 @@ urlpatterns = [
    path('posts/', include('posts.urls')),
    path('admin/doc/', include('django.contrib.admindocs.urls')),
    path('admin/', admin.site.urls),
+    path('auth/', include('authentications.urls')),
    path('', views.index, name='home'),
    path('index.html', views.index, name='home'),
    path('ckeditor/', include('ckeditor_uploader.urls')),
--- a/fet2020/templates/authentications/login.html
+++ b/fet2020/templates/authentications/login.html
@@ -0,0 +1,123 @@
+<!DOCTYPE html>
+<html>
+    
+<head>
+	<title>Login</title>
+	<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
+	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+	<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.1/css/all.css" integrity="sha384-gfdkjb5BdAXd+lj+gudLWI+BXq4IuLW5IT+brZEZsLFm++aCMlF1V92rMkPaX4PP" crossorigin="anonymous">
+
+
+	<style>
+		body,
+		html {
+			margin: 0;
+			padding: 0;
+			height: 100%;
+			background: #7abecc !important;
+		}
+		.user_card {
+			width: 350px;
+			margin-top: auto;
+			margin-bottom: auto;
+			background: #74cfbf;
+			position: relative;
+			display: flex;
+			justify-content: center;
+			flex-direction: column;
+			padding: 10px;
+			box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			-webkit-box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			-moz-box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
+			border-radius: 5px;
+
+		}
+
+		.form_container {
+			margin-top: 20px;
+		}
+
+		#form-title{
+			color: #fff;
+			
+		}
+
+		.login_btn {
+			width: 100%;
+			background: #33ccff !important;
+			color: white !important;
+		}
+		.login_btn:focus {
+			box-shadow: none !important;
+			outline: 0px !important;
+		}
+		.login_container {
+			padding: 0 2rem;
+		}
+		.input-group-text {
+			background: #f7ba5b !important;
+			color: white !important;
+			border: 0 !important;
+			border-radius: 0.25rem 0 0 0.25rem !important;
+		}
+		.input_user,
+		.input_pass:focus {
+			box-shadow: none !important;
+			outline: 0px !important;
+		}
+
+		#messages{
+			background-color: grey;
+			color: #fff;
+			padding: 10px;
+			margin-top: 10px;
+		}
+	</style>
+
+</head>
+<body>
+	<div class="container h-100">
+		<div class="d-flex justify-content-center h-100">
+			<div class="user_card">
+				<div class="d-flex justify-content-center">
+
+
+					<h3 id="form-title">LOGIN</h3>
+				</div>
+				<div class="d-flex justify-content-center form_container">
+					<form method="POST" action="">
+						{% csrf_token %}
+						<div class="input-group mb-3">
+							<div class="input-group-append">
+								<span class="input-group-text"><i class="fas fa-user"></i></span>
+							</div>
+
+							<input type="text" name="username" placeholder="Username..." class="form-control">
+						</div>
+
+						<div class="input-group mb-2">
+							<div class="input-group-append">
+								<span class="input-group-text"><i class="fas fa-key"></i></span>
+							</div>
+
+								<input type="password" name="password" placeholder="Password..." class="form-control" >
+						</div>
+
+							<div class="d-flex justify-content-center mt-3 login_container">
+				 				<input class="btn login_btn" type="submit" value="Login">
+				   			</div>
+					</form>
+
+				</div>
+
+				{% for message in messages %}
+					<p id="messages">{{message}}</p>
+				{% endfor %}
+					
+				</div>
+			</div>
+		</div>
+	</div>
+</body>
+
+</html>
--- a/fet2020/templates/layout.html
+++ b/fet2020/templates/layout.html
@@ -6,7 +6,7 @@
    <meta charset="utf-8" />
    <meta http-equiv="x-ua-compatible" content="ie=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>FET DjangoLayout</title>
+    <title>FET</title>
    <link rel="stylesheet" href="{% static 'app.css' %}">
    {% csrf_token %}
    {% block header %}
@@ -20,11 +20,16 @@
 </div>
 <div class="top-bar-right">
    <ul class="menu vertical medium-horizontal expanded medium-text-center">
-
+        {% if request.user.is_authenticated %}
+            Hallo {{request.user.username}}
+            <li class=""><a href="/admin">Admin</a></li>
+            <li class=""><a href="{%url 'logout'%}">Logout</a> </li>
+        {% else %}
+            <li class=""><a href="{%url 'login'%}">Login</a> </li>
+        {% endif %}
        <li class=""><a href="{%url 'home'%}">Aktuelles</a> </li>
        <li class=""><a href="/fotos">Fotos</a> </li>
-      <li class=""><a href="{%url 'members'%}">Mitarbeiter</a>
-      </li>
+        <li class=""><a href="{%url 'members'%}">Mitarbeiter</a> </li>
    </ul>
 </div>
 </div>
@@ -36,7 +41,6 @@
 <div class="grid-x medium-padding-1 large-padding-left-2" style="">
 <div class="cell">
 <ul class="no-bullet">
-<li><a href="/admin">admin</a></li>
 <li><a href="{% url 'posts.show' 'impressum'%}">Impressum</a></li>
 </div>