From db849d334158c277d730f01fb9424f92cd421d58 Mon Sep 17 00:00:00 2001
From: Marian Sigler <m@qjym.de>
Date: Fri, 21 Sep 2012 02:46:20 +0200
Subject: use AccountService

Add it to the request context (as `g.ldap`); Use it for login; Connect
to ldap on request startup and store the user object as `g.user`.
---
 utils.py | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'utils.py')

diff --git a/utils.py b/utils.py
index 39d07de..da6d741 100644
--- a/utils.py
+++ b/utils.py
@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
+import ldap
 from functools import wraps
-from flask import flash, request, redirect, render_template, session, url_for
+from flask import flash, g, redirect, render_template, request, session, url_for
 from random import randint
 from Crypto.Cipher import AES
 from werkzeug.exceptions import Forbidden
@@ -28,21 +29,21 @@ def templated(template=None):
 def login_required(f):
     @wraps(f)
     def login_required_(*args, **kwargs):
-        if 'username' not in session:
+        if not g.user:
             raise Forbidden
         return f(*args, **kwargs)
     return login_required_
 
 
 def login_user(username, password):
-#    if not ldap_bind():
-#        return False
+    try:
+        g.user = g.ldap.auth(username, password)
+    except ldap.INVALID_CREDENTIALS:
+        return False
 
     session['username'] = username
     session['password'] = encrypt_password(password)
 
-    #ldap_unbind()
-
     return True
 
 
@@ -74,5 +75,6 @@ def decrypt_password(ciphertext):
     return encryptor.decrypt(ciphertext[16:]).rstrip('\0')
 
 
+
 # circular import
 from app import app
-- 
cgit v1.2.3-1-g7c22