def authenticate(self, request, username=None, password=None):
# check authentication with local database at first.
user = User.objects.filter(username=username,
authenticate_type=User.AUTH_TYPE_LOCAL,
is_active=True).first()
if user and user.check_password(password):
return user
elif user:
# This is necessary not to send a request to check authentication even though
# the specified user is in the local database.
Logger.info("Failed to authenticate user(%s) in local" % username)
return None
if not hasattr(settings, "AUTH_CONFIG"):
Logger.warn(
'"AUTH_CONFIG" parameter is necessary in airone/settings.py')
return None
# If local authentication fails, check it with LDAP server.
if self.is_authenticated(username, password):
# This creates LDAP-authenticated user if necessary. Those of them who
# authenticated by LDAP are distinguished by 'authenticate_type' parameter
# of User object.
(user, _) = User.objects.get_or_create(
**{
"username": username,
"authenticate_type": User.AUTH_TYPE_LDAP,
})
else:
Logger.info("Failed to authenticate user(%s) in LDAP" % username)
return user
def authenticate(self, username=None, password=None):
# check authentication with local database at first.
user = User.objects.filter(username=username,
authenticate_type=User.AUTH_TYPE_LOCAL,
is_active=True).first()
if user and user.check_password(password):
return user
elif user:
# This is necessary not to send a request to check authentication even though
# the specified user is in the local database.
Logger.info('Failed to authenticate user(%s) in local' % username)
return None
if not hasattr(settings, 'AUTH_CONFIG'):
Logger.warn(
'"AUTH_CONFIG" parameter is necessary in airone/settings.py')
return None
# If local authentication fails, check it with LDAP server.
try:
user_dn = None
with ldap3.Connection(CONF_LDAP['SERVER_ADDRESS'],
auto_bind=True) as conn:
if conn.search(search_base=CONF_LDAP['BASE_DN'],
search_scope=ldap3.SUBTREE,
search_filter=CONF_LDAP['SEARCH_FILTER'].format(
username=username)):
user_dn = conn.entries[0].entry_dn
if user_dn:
with ldap3.Connection(CONF_LDAP['SERVER_ADDRESS'],
user=user_dn,
password=password,
auto_bind=True) as conn:
# This creates LDAP-authenticated user if necessary. Those of them who
# authenticated by LDAP are distinguished by 'authenticate_type' parameter
# of User object.
(user, _) = User.objects.update_or_create(
**{
'username': username,
'authenticate_type': User.AUTH_TYPE_LDAP,
})
return user
except ldap_exceptions.LDAPException as e:
Logger.warn('Failed to authenticate user(%s) in LDAP server(%s)' %
(username, e))
from django.conf.urls import url
from airone.lib.log import Logger
from group import views as group_views
from user import views
urlpatterns = [
url(r'^$', views.index, name='index'),
url(r'^edit/(\d+)$', views.edit, name='edit'),
url(r'^do_edit/(\d+)$', views.do_edit, name='do_edit'),
url(r'^edit_passwd/(\d+)$', views.edit_passwd, name='edit_passwd'),
url(r'^do_edit_passwd/(\d+)$', views.do_edit_passwd,
name='do_edit_passwd'),
url(r'^do_su_edit_passwd/(\d+)$',
views.do_su_edit_passwd,
name='do_su_edit_passwd'),
url(r'^create$', views.create, name='create'),
url(r'^do_create$', views.do_create, name='do_create'),
url(r'^do_delete/(\d+)$', views.do_delete, name='do_delete'),
url(r'^export/$', group_views.export, name='export'),
]
try:
from custom_view.user.urls import override_urlpatterns
urlpatterns = override_urlpatterns(urlpatterns)
except ImportError:
Logger.info("There is no URL dispatcher of custom-view")
from airone.lib.log import Logger
from . import views
from .entity.urls import urlpatterns as entity_urlpatterns
from .entry.urls import urlpatterns as entry_urlpatterns
from .job.urls import urlpatterns as job_urlpatterns
from .user import views as user_views
urlpatterns = [
url(r"^user/access_token$", user_views.AccessTokenAPI.as_view()),
url(r"^entity/", include(entity_urlpatterns)),
url(r"^entry/", include(entry_urlpatterns)),
url(r"^job/", include(job_urlpatterns)),
]
# Custom view is prioritized to handle if it exists.
try:
from custom_view.api_v1.urls import urlpatterns as custom_patterns
urlpatterns.append(url(r"^advanced/", include(custom_patterns)))
except ImportError:
Logger.info("advanced API endpoints are unavailable")
try:
from custom_view.api_v1 import views as custom_views
urlpatterns.append(url(r"^entry$", custom_views.CustomEntryAPI.as_view()))
except ImportError:
urlpatterns.append(url(r"^entry$", views.EntryAPI.as_view()))
from django.conf.urls import url, include
from . import views
from .user import views as user_views
from .entity.urls import urlpatterns as entity_urlpatterns
from .entry.urls import urlpatterns as entry_urlpatterns
from .job.urls import urlpatterns as job_urlpatterns
from airone.lib.log import Logger
urlpatterns = [
url(r'^user/access_token$', user_views.AccessTokenAPI.as_view()),
url(r'^entity/', include(entity_urlpatterns)),
url(r'^entry/', include(entry_urlpatterns)),
url(r'^job/', include(job_urlpatterns)),
]
# Custom view is prioritized to handle if it exists.
try:
from custom_view.api_v1.urls import urlpatterns as custom_patterns
urlpatterns.append(url(r'^advanced/', include(custom_patterns)))
except ImportError:
Logger.info('advanced API endpoints are unavailable')
try:
from custom_view.api_v1 import views as custom_views
urlpatterns.append(url(r'^entry$', custom_views.CustomEntryAPI.as_view()))
except ImportError:
urlpatterns.append(url(r'^entry$', views.EntryAPI.as_view()))
def check(self, msg=''):
if self._is_enable():
AIRONE_LOGGER.info('(Profiling result: %fs) %s' %
(time() - self.start_time, msg))