diff options
author | Alexander Sulfrian <alexander@sulfrian.net> | 2016-01-23 20:17:36 +0100 |
---|---|---|
committer | Alexander Sulfrian <alexander@sulfrian.net> | 2016-01-25 01:56:49 +0100 |
commit | 9f24d8bd26e7dd3b7e36294edee31be7a37fa650 (patch) | |
tree | 85f50a093f70d36fd58c52072ba2e5ccdaef91e7 /accounts/__init__.py | |
parent | ea3983d891bc6e34a827902ac8cf15734923e14c (diff) | |
download | web-9f24d8bd26e7dd3b7e36294edee31be7a37fa650.tar.gz web-9f24d8bd26e7dd3b7e36294edee31be7a37fa650.tar.bz2 web-9f24d8bd26e7dd3b7e36294edee31be7a37fa650.zip |
backend/user: Allow different backends for users
Diffstat (limited to 'accounts/__init__.py')
-rw-r--r-- | accounts/__init__.py | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/accounts/__init__.py b/accounts/__init__.py index 09aa875..d52a724 100644 --- a/accounts/__init__.py +++ b/accounts/__init__.py @@ -18,6 +18,7 @@ if 'SPLINE_ACCOUNT_WEB_SETTINGS' in os.environ: app.all_services = account.SERVICES #TODO: take that from our json file or so app.username_blacklist = list() +app.user_backend = get_backend(app.config['USER_BACKEND'], app) app.mail_backend = get_backend(app.config['MAIL_BACKEND'], app) @app.before_request @@ -28,11 +29,6 @@ def session_permanent(): session.permanent = False @app.before_request -def ldap_connect(): - g.ldap = account.AccountService(app.config['LDAP_HOST'], app.config['LDAP_BASE_DN'], - app.config['LDAP_ADMIN_USER'], app.config['LDAP_ADMIN_PASS'], app.all_services) - -@app.before_request def initialize_user(): g.user = None @@ -40,7 +36,7 @@ def initialize_user(): username = ensure_utf8(session['username']) password = ensure_utf8(decrypt_password(session['password'])) try: - g.user = g.ldap.auth(username, password) + g.user = current_app.user_backend.auth(username, password) except ldap.INVALID_CREDENTIALS: # we had crap in the session, delete it logout_user() @@ -100,9 +96,9 @@ def register_complete(token): username, mail = http_verify_confirmation('register', token.encode('ascii'), timeout=3*24*60*60) try: - g.ldap.get_by_uid(username) - g.ldap.get_by_mail(mail) - except account.NoSuchUserError: + app.user_backend.get_by_uid(username) + app.user_backend.get_by_mail(mail) + except app.user_backend.NoSuchUserError: pass else: flash(u'Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:') @@ -113,7 +109,7 @@ def register_complete(token): password = form.password.data user = account.Account(username, mail, password=form.password.data) - g.ldap.register(user) + app.user_backend.register(user) # populate request context and session assert login_user(user.uid, user.password) @@ -172,9 +168,9 @@ def lost_password_complete(token): form = RegisterCompleteForm(request.form, csrf_enabled=False) if request.method == 'POST' and form.validate(): - user = g.ldap.get_by_uid(username) + user = app.user_backend.get_by_uid(username) user.change_password(form.password.data) - g.ldap.update(user, as_admin=True) + app.user_backend.update(user, as_admin=True) session['username'] = username session['password'] = encrypt_password(form.password.data) @@ -235,7 +231,7 @@ def settings(): g.user.change_password(field.data, None, service.id) if changed: - g.ldap.update(g.user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind + app.user_backend.update(g.user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind return redirect(url_for('settings')) else: flash(u'Nichts geändert.') @@ -258,13 +254,13 @@ def change_mail(token): if g.user.uid != username: raise Forbidden(u'Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.') - results = g.ldap.find_by_mail(mail) + results = app.user_backend.find_by_mail(mail) for user in results: if user.uid != g.user.uid: raise Forbidden(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!') g.user.change_email(mail) - g.ldap.update(g.user) + app.user_backend.update(g.user) flash(u'E-Mail-Adresse geändert.', 'success') return redirect(url_for('settings')) |