Commit 4fdef16a authored by Jean Michel Rouly's avatar Jean Michel Rouly

Introduced LDAP authentication!

parent b9e42740
......@@ -25,13 +25,24 @@ def application(environ, start_response):
# Determine the user credentials to authenticate.
usr = data['usr']
psw = data['pass']
bind = 'uid='+usr+',ou=people,o=gmu.edu'
success = False # authentication success
# Try to talk with the LDAP server.
#ld = ldap.initialize( goconfig.ldap_domain )
#ld.simple_bind_s()
#ld.unbind_s()
success = True
ldap.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
try:
ld = ldap.initialize( goconfig.ldap_domain )
result = ld.simple_bind_s( bind, psw )
if result is not None:
success = True
except ldap.INVALID_CREDENTIALS:
pass
except ldap.INAPPROPRIATE_AUTH:
pass
except ldap.NO_SUCH_OBJECT:
pass
if( success ):
# create a hashed cookie
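Review bot: Setting `OPT_X_TLS_REQUIRE_CERT` to `ldap.OPT_X_TLS_NEVER` turns off server certificate verification, so the `ldaps://` bind sends the user's password to whichever host answers the connection; use `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)` and point `ldap.OPT_X_TLS_CACERTFILE` at the CA bundle that signs the directory's certificate. The bind also runs when `psw` is empty, and a simple bind with a DN and an empty password is an unauthenticated bind that some servers answer with success, so guard the call with `if usr and psw:` before `simple_bind_s`. `usr` is concatenated into the DN unescaped; `ldap.dn.escape_dn_chars(usr)` keeps characters such as `,` and `=` from changing which entry is bound. Any other `ldap.LDAPError` (for example an unreachable server) is not caught and would escape `application`, whose body starts and ends outside this hunk.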
......
......@@ -35,7 +35,7 @@ sql_url_table = "urls"
sql_usr_table = "usrs"
#ldap_domain: The location of the LDAP database to connect to.
ldap_domain = "ldap://ldap.gmu.edu"
ldap_domain = "ldaps://directory.gmu.edu:636"
......
......@@ -51,7 +51,7 @@ def application(environ, start_response):
<p>Make sure to include http:// in front.</p>
<input type="text" id="long-url" name="long-url" value="http://" />
<br /><br />
<label for="short-url">identifier</label>
<label for="short-url">identifier (optional)</label>
<p>What your want your URL to look like. This is optional.</p>
<p>Identifier must be at least 5 characters, and only
contain letters and numbers.</p>
......@@ -59,6 +59,7 @@ def application(environ, start_response):
<br /><br />
<input type="submit" name="submit" value="SHORTEN" />
<br />
<p><a href="/exec/out">(logout)</a></p>
</form>
"""
#body.append( url_form )
......
......@@ -46,6 +46,15 @@ def generate_cookie( user ):
return cookie
# Generate an expired cookie in order to remove any preexisting cookie.
def eat_cookie():
cookie = Cookie.SimpleCookie()
cookie["user"] = "goodbye"
cookie["user"]["expires"] = "Thu, 01 Jan 1970 00:00:00 GMT"
cookie["user"]["path"] = "/"
return cookie
# Register the user in the table of active users.
def activate_user( hash_value ):
mdb,cursor = connect_to_mysql()
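Review bot: `eat_cookie` only clears the browser's cookie if its name, path and domain match what `generate_cookie` set, and `generate_cookie` lies outside this hunk, so the hard-coded `"/"` should be checked against it or shared as a module constant. The function has only a leading comment; a docstring such as `"""Return a SimpleCookie that expires the 'user' cookie (epoch expiry, path '/')."""` would state the contract where callers look for it.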
......
import ldap
import site
import Cookie
site.addsitedir('/srv/http/wsgi')
import library
import goconfig
def application(environ, start_response):
# Grab the current user hash value cookie if there is one, and then
# deactivate that hash value from the SQL database.
current_cookie = Cookie.SimpleCookie()
try:
current_cookie.load( environ['HTTP_COOKIE'] )
user_hash = current_cookie['user'].value
library.deactivate_user( user_hash )
except KeyError:
pass
# Generate an expired cookie to overwrite any existing cookie.
expired_cookie = library.eat_cookie()
expired_cookie_value = expired_cookie['user'].OutputString()
# Push push push.
status = '303 See Other'
response_headers = [('Set-Cookie', expired_cookie_value),
('Location', '/'),
('Content-type', 'text/plain')]
start_response(status, response_headers)
return [ str(expired_cookie) ]
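Review bot: `current_cookie.load(...)` raises `Cookie.CookieError` on a malformed `Cookie` header, and only `KeyError` is caught, so a client can make the logout handler fail before the expired cookie is sent; `except (KeyError, Cookie.CookieError):` keeps logout working in that case. `user_hash` is taken straight from the request and passed to `library.deactivate_user`, which is not shown here, so it is worth confirming that it uses a parameterized query and only deactivates a row matching that hash. `import ldap` is unused in this file and can be dropped.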