diff --git a/app/utils/ldap.py b/app/utils/ldap.py index 4e62639..78eaddb 100644 --- a/app/utils/ldap.py +++ b/app/utils/ldap.py @@ -8,8 +8,8 @@ def get_member(username): username = normalize(username) # Never safe enough conn = ldap.initialize("ldap://localhost") # Search for user - r = conn.search_s(V5Config.LDAP_ORGANIZATION, ldap.SCOPE_SUBTREE, - f'(cn={username})') + r = conn.search_s(f"{V5Config.LDAP_ENV},{V5Config.LDAP_ROOT}", + ldap.SCOPE_SUBTREE, f'(cn={username})') if len(r) > 0: return r[0] else: @@ -21,7 +21,7 @@ def edit(user, fields): conn = ldap.initialize("ldap://localhost") # TODO: do this # Connect as root - # conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}', + # conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ENV}', # V5Config.LDAP_PASSWORD) # old_value = {"userPassword": ["my_old_password"]} # new_value = {"userPassword": ["my_new_password"]} @@ -38,9 +38,9 @@ def set_password(user, password): """ Set password for a user. """ conn = ldap.initialize("ldap://localhost") # Connect as root - conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}', + conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ROOT}', V5Config.LDAP_PASSWORD) - conn.passwd_s(f"cn={user.norm},{V5Config.LDAP_ORGANIZATION}", + conn.passwd_s(f"cn={user.norm},{V5Config.LDAP_ENV},{V5Config.LDAP_ROOT}", None, password) @@ -48,8 +48,8 @@ def check_password(user, password): """ Try to login a user through LDAP register. """ conn = ldap.initialize("ldap://localhost") try: - conn.simple_bind_s(f"cn={user.norm},{V5Config.LDAP_ORGANIZATION}", - password) + conn.simple_bind_s(f"cn={user.norm},{V5Config.LDAP_ENV}," \ + f"{V5Config.LDAP_ROOT}", password) except ldap.INVALID_CREDENTIALS: return False return True 
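Review bot: The filter on the new `search_s` call in get_member still interpolates `username` directly into `f'(cn={username})'`, so filter metacharacters such as `*`, `(`, `)` or `\` alter the query unless `normalize()` strips all of them, which this diff does not show. Escaping at the point of use removes that dependency: `ldap.filter.filter_format('(cn=%s)', [username])` (needs `import ldap.filter`). The search also runs on a connection that is never bound, so it presumably relies on anonymous read access to the `{LDAP_ENV},{LDAP_ROOT}` subtree; worth confirming that is intended. get_member starts above this hunk and its `else:` branch continues below it.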
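Review bot: The commented-out root bind in `edit` now reads `cn=ldap-root,{V5Config.LDAP_ENV}`, while set_password, add_member and delete_member bind as `cn=ldap-root,{V5Config.LDAP_ROOT}`. With the defaults added in config.py this would be `cn=ldap-root,o=prod`, so whoever implements the TODO from this comment gets a different bind DN than the rest of the module uses. The comment line should read `# conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ROOT}',`. The rest of edit lies outside the hunk.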
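Review bot: `user.norm` is interpolated unescaped into the DN passed to `passwd_s` in set_password, and the same pattern appears in check_password, add_member and delete_member. A `,`, `+`, `=` or `\` in that value would change which entry the root-bound connection modifies or deletes. Whether `norm` can contain such characters is not visible in this diff, so escape where the DN is built, with `ldap.dn.escape_dn_chars(user.norm)` (needs `import ldap.dn`). The `cn=…,{LDAP_ENV},{LDAP_ROOT}` string is now repeated in four functions, so a single private helper that builds the member DN would keep the escaping and the base DN in one place.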
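Review bot: check_password returns True whenever `simple_bind_s` does not raise `INVALID_CREDENTIALS`, and a simple bind with a DN and an empty password is an unauthenticated bind (RFC 4513) that some server configurations accept. Unless every caller already rejects empty passwords, add a guard before the bind: `if not password: return False`. Other `ldap.LDAPError` subclasses, such as an unreachable server, propagate to the caller, which the docstring should state. The connection is never released; calling `conn.unbind_s()` in a `finally` would close it on both paths.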
@@ -62,10 +62,10 @@ def add_member(member): return conn = ldap.initialize("ldap://localhost") # Connect as root - conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}', + conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ROOT}', V5Config.LDAP_PASSWORD) # Create fields - dn = f'cn={member.norm},{V5Config.LDAP_ORGANIZATION}' + dn = f'cn={member.norm},{V5Config.LDAP_ENV},{V5Config.LDAP_ROOT}' modlist = addModlist({ 'objectClass': [bytes('inetOrgPerson', 'UTF8')], 'cn': [bytes(member.norm, 'UTF8')], @@ -83,9 +83,9 @@ def delete_member(member): """ Remove a member from LDAP register """ conn = ldap.initialize("ldap://localhost") # Connect as root - conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}', + conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ROOT}', V5Config.LDAP_PASSWORD) # Create fields - dn = f'cn={member.norm},{V5Config.LDAP_ORGANIZATION}' + dn = f'cn={member.norm},{V5Config.LDAP_ENV},{V5Config.LDAP_ROOT}' # Delete the user conn.delete_s(dn) diff --git a/config.py b/config.py index ae5df4d..be5e06f 100644 --- a/config.py +++ b/config.py @@ -29,7 +29,8 @@ class DefaultConfig(object): USE_LDAP = False # LDAP configuration LDAP_PASSWORD = "openldap" - LDAP_ORGANIZATION = "o=planet-casio" + LDAP_ROOT = "o=planet-casio" + LDAP_ENV = "o=prod" # Secret key used to authenticate tokens. **USE YOURS!** SECRET_KEY = "a-random-secret-key" # Uploaded data folder diff --git a/local_config.py.default b/local_config.py.default index 7885f5f..22986fe 100644 --- a/local_config.py.default +++ b/local_config.py.default @@ -5,7 +5,7 @@ class LocalConfig(object): DB_NAME = "pcv5" USE_LDAP = True LDAP_PASSWORD = "openldap" - LDAP_ORGANIZATION = "o=planet-casio" + LDAP_ENV = "o=prod" SECRET_KEY = "a-random-secret-key" # CHANGE THIS VALUE *NOW* AVATARS_FOLDER = '/home/pc/data/avatars/' ENABLE_GUEST_POST = True
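Review bot: The new default `LDAP_ENV = "o=prod"` in DefaultConfig means an instance that does not override it will create, delete and reset passwords under the production subtree. A fail-safe default would be `None` with a startup check when `USE_LDAP` is true, or a non-production value; which subtrees exist is not visible here. Local configs that still define `LDAP_ORGANIZATION` will have it silently ignored after this commit and fall back to these defaults. A short comment on the two settings would help, for example `# LDAP_ROOT: base DN of the directory; LDAP_ENV: per-environment subtree directly under it`. DefaultConfig begins and continues outside the hunk.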