mirror of
https://github.com/janeczku/calibre-web
synced 2024-09-27 14:48:22 +00:00
add LDAP user auto-creation functionality
Signed-off-by: Aisha Tammy <aisha@bsd.ac>
This commit is contained in:
parent
4401cf66d1
commit
3cb6f1ca3e
@ -1179,6 +1179,7 @@ def _configuration_ldap_helper(to_save):
|
||||
reboot_required |= _config_string(to_save, "config_ldap_cert_path")
|
||||
reboot_required |= _config_string(to_save, "config_ldap_key_path")
|
||||
_config_string(to_save, "config_ldap_group_name")
|
||||
_config_checkbox(to_save, "config_ldap_autocreate_user")
|
||||
|
||||
address = urlparse(to_save.get("config_ldap_provider_url", ""))
|
||||
to_save["config_ldap_provider_url"] = (address.hostname or address.path).strip("/")
|
||||
|
@ -137,6 +137,7 @@ class _Settings(_Base):
|
||||
config_ldap_group_object_filter = Column(String, default='(&(objectclass=posixGroup)(cn=%s))')
|
||||
config_ldap_group_members_field = Column(String, default='memberUid')
|
||||
config_ldap_group_name = Column(String, default='calibreweb')
|
||||
config_ldap_autocreate_user = Column(Boolean, default=False)
|
||||
|
||||
config_kepubifypath = Column(String, default=None)
|
||||
config_converterpath = Column(String, default=None)
|
||||
|
@ -260,6 +260,10 @@
|
||||
<div class="form-group">
|
||||
<input type="checkbox" id="config_ldap_openldap" name="config_ldap_openldap" {% if config.config_ldap_openldap %}checked{% endif %}>
|
||||
<label for="config_ldap_openldap">{{_('LDAP Server is OpenLDAP?')}}</label>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<input type="checkbox" id="config_ldap_autocreate_user" name="config_ldap_autocreate_user" {% if config.config_ldap_autocreate_user %}checked{% endif %}>
|
||||
<label for="config_ldap_autocreate_user">{{_('Automatically create the user when logging in?')}}</label>
|
||||
</div>
|
||||
<h4 class="text-center">{{_('Following Settings are Needed For User Import')}}</h4>
|
||||
<div class="form-group">
|
||||
|
26
cps/web.py
26
cps/web.py
@ -43,6 +43,7 @@ from werkzeug.security import generate_password_hash, check_password_hash
|
||||
from . import constants, logger, isoLanguages, services
|
||||
from . import db, ub, config, app
|
||||
from . import calibre_db, kobo_sync_status
|
||||
from .admin import ldap_import_create_user
|
||||
from .search import render_search_results, render_adv_search_results
|
||||
from .gdriveutils import getFileFromEbooksFolder, do_gdrive_download
|
||||
from .helper import check_valid_domain, check_email, check_username, \
|
||||
@ -1360,14 +1361,27 @@ def login_post():
|
||||
user = ub.session.query(ub.User).filter(func.lower(ub.User.name) == form.get('username', "").strip().lower()) \
|
||||
.first()
|
||||
remember_me = bool(form.get('remember_me'))
|
||||
if config.config_login_type == constants.LOGIN_LDAP and services.ldap and user and form['password'] != "":
|
||||
if config.config_login_type == constants.LOGIN_LDAP and services.ldap and (user or config.config_ldap_autocreate_user) and form['password'] != "":
|
||||
login_result, error = services.ldap.bind_user(form['username'], form['password'])
|
||||
if login_result:
|
||||
log.debug(u"You are now logged in as: '{}'".format(user.name))
|
||||
return handle_login_user(user,
|
||||
remember_me,
|
||||
_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
|
||||
"success")
|
||||
log.debug(u"LDAP Login succeeded for user: '{}'".format(form['username']))
|
||||
if config.config_ldap_autocreate_user and not user:
|
||||
log.debug(u"LDAP login succeeded but user does not exist but auto-create has been enabled; trying to create the user")
|
||||
user_data = services.ldap.get_object_details(user=form['username'], query_filter=config.config_ldap_user_object)
|
||||
user_count, message = ldap_import_create_user(user, user_data)
|
||||
user = ub.session.query(ub.User).filter(func.lower(ub.User.name) == form.get('username', "").strip().lower()).first()
|
||||
if not user:
|
||||
log.error(u"LDAP user auto creation failed")
|
||||
|
||||
if user:
|
||||
log.debug("You are now logged in as: '{}'".format(user.name))
|
||||
return handle_login_user(user,
|
||||
remember_me,
|
||||
_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
|
||||
"success")
|
||||
else:
|
||||
log.info("Login failed for user '{}'".format(user.name))
|
||||
flash(_(u"Wrong Username or Password"), category="error")
|
||||
elif login_result is None and user and check_password_hash(str(user.password), form['password']) \
|
||||
and user.name != "Guest":
|
||||
log.info("Local Fallback Login as: '{}'".format(user.name))
|
||||
|
Loading…
Reference in New Issue
Block a user