1 files changed, 11 insertions, 15 deletions

diff --git a/accounts/__init__.py b/accounts/__init__.py
index 09aa875..d52a724 100644
--- a/accounts/__init__.py
+++ b/accounts/__init__.py
@@ -18,6 +18,7 @@ if 'SPLINE_ACCOUNT_WEB_SETTINGS' in os.environ:
 
 app.all_services = account.SERVICES #TODO: take that from our json file or so
 app.username_blacklist = list()
+app.user_backend = get_backend(app.config['USER_BACKEND'], app)
 app.mail_backend = get_backend(app.config['MAIL_BACKEND'], app)
 
 @app.before_request
@@ -28,11 +29,6 @@ def session_permanent():
         session.permanent = False
 
 @app.before_request
-def ldap_connect():
-    g.ldap = account.AccountService(app.config['LDAP_HOST'], app.config['LDAP_BASE_DN'],
-        app.config['LDAP_ADMIN_USER'], app.config['LDAP_ADMIN_PASS'], app.all_services)
-
-@app.before_request
 def initialize_user():
     g.user = None
 
@@ -40,7 +36,7 @@ def initialize_user():
         username = ensure_utf8(session['username'])
         password = ensure_utf8(decrypt_password(session['password']))
         try:
-            g.user = g.ldap.auth(username, password)
+            g.user = current_app.user_backend.auth(username, password)
         except ldap.INVALID_CREDENTIALS:
             # we had crap in the session, delete it
             logout_user()
@@ -100,9 +96,9 @@ def register_complete(token):
     username, mail = http_verify_confirmation('register', token.encode('ascii'), timeout=3*24*60*60)
 
     try:
-        g.ldap.get_by_uid(username)
-        g.ldap.get_by_mail(mail)
-    except account.NoSuchUserError:
+        app.user_backend.get_by_uid(username)
+        app.user_backend.get_by_mail(mail)
+    except app.user_backend.NoSuchUserError:
         pass
     else:
         flash(u'Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:')
@@ -113,7 +109,7 @@ def register_complete(token):
         password = form.password.data
 
         user = account.Account(username, mail, password=form.password.data)
-        g.ldap.register(user)
+        app.user_backend.register(user)
 
         # populate request context and session
         assert login_user(user.uid, user.password)
@@ -172,9 +168,9 @@ def lost_password_complete(token):
 
     form = RegisterCompleteForm(request.form, csrf_enabled=False)
     if request.method == 'POST' and form.validate():
-        user = g.ldap.get_by_uid(username)
+        user = app.user_backend.get_by_uid(username)
         user.change_password(form.password.data)
-        g.ldap.update(user, as_admin=True)
+        app.user_backend.update(user, as_admin=True)
 
         session['username'] = username
         session['password'] = encrypt_password(form.password.data)
@@ -235,7 +231,7 @@ def settings():
                     g.user.change_password(field.data, None, service.id)
 
         if changed:
-            g.ldap.update(g.user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind
+            app.user_backend.update(g.user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind
             return redirect(url_for('settings'))
         else:
             flash(u'Nichts geändert.')
@@ -258,13 +254,13 @@ def change_mail(token):
     if g.user.uid != username:
         raise Forbidden(u'Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.')
 
-    results = g.ldap.find_by_mail(mail)
+    results = app.user_backend.find_by_mail(mail)
     for user in results:
         if user.uid != g.user.uid:
             raise Forbidden(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!')
 
     g.user.change_email(mail)
-    g.ldap.update(g.user)
+    app.user_backend.update(g.user)
 
     flash(u'E-Mail-Adresse geändert.', 'success')
     return redirect(url_for('settings'))