Merge branch 'master' of github.com:spurll/goodplays

spurll · Oct 31, 2018 · 218964a · 218964a
2 parents 5ef8b1f + 90d6135
commit 218964a
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 11 deletions.
diff --git a/goodplays/authenticate.py b/goodplays/authenticate.py
@@ -1,11 +1,21 @@
 from ldap3 import Server, Connection
+from json import loads
+import requests
 
 from template import app
 from template.models import User
 
 
 def authenticate(username, password):
+    if app.config.get('AUTH_METHOD', 'ldap').lower() == 'ldap':
+        return ldap(username, password)
+    else:
+        return auth(username, password)
+
+
+def ldap(username, password):
     user = None
+    message = None
 
     # Initial connection to the LDAP server.
     server = Server(app.config['LDAP_URI'])
@@ -35,7 +45,27 @@ def authenticate(username, password):
         # We're authenticated! Create the actual user object.
         user = User(id=username, name=name, email=email)
 
+    except Exception as e:
+        message = e
+
     finally:
         connection.unbind()
-        return user
+        return user, message
+
+
+def auth(username, password):
+    user = None
+    message = None
+
+    data = {'id': username, 'password': password}
+    headers = {'Content-Type': 'application/json'}
+
+    r = requests.post(app.config['AUTH_URI'], json=data, headers=headers)
+
+    if r.status_code == 200:
+        json = loads(r.text)
+        user = User(id=json['id'], name=json['name'], email=json['email'])
+    else:
+        message = r.text
 
+    return user, message
diff --git a/goodplays/views.py b/goodplays/views.py
@@ -67,14 +67,11 @@ def login():
         return render_template('login.html', title="Log In", form=form)
 
     if form.validate_on_submit():
-        if app.config.get('BYPASS_LOGIN'):
-            user = forms.username.data
-        else:
-            user = authenticate(form.username.data, form.password.data)
+        user, message = authenticate(form.username.data, form.password.data)
 
         if not user:
-            flash('Login failed.')
-            return render_template('login.html', title="Log In", form=form)
+            flash('Login failed: {}.'.format(message))
+            return render_template('login.html', title='Log In', form=form)
 
         if user and user.is_authenticated:
             db_user = User.query.get(user.id)

diff --git a/sample_config.py b/sample_config.py
@@ -12,10 +12,11 @@
 SQLALCHEMY_DATABASE_URI = 'sqlite:///{}'.format(path.join(basedir, 'app.db'))
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 
-# LDAP
+# Authentication
+AUTH_METHOD = 'LDAP'
+AUTH_URI = None
 LDAP_URI = 'ldap://YOUR.LDAP.URI'
 LDAP_SEARCH_BASE = 'ou=????,dc=????,dc=????'
 
-ADMIN_USERS = ['LDAP.USER.ID.HERE']
-
-BYPASS_LOGIN = False
+# Admin
+ADMIN_USERS = ['USER.ID.HERE']