def get(self, uid, pwd): if session.__contains__(USER_SESSION): User.add(session[USER_SESSION]) return self.fail("已登录") if not session.__contains__(KEY_SESSION): raise ExceptionEx("未申请密钥") uid = crypt.desc(uid) pwd = crypt.desc(pwd) ldap = Ldap() if not ldap.auth(uid, pwd): return self.fail("用户名或密码错误") dn, _user = ldap.search(uid).first() User.add(_user) session[USER_SESSION] = _user return self.succ(session[USER_SESSION])
def auth(self): return True def put(self, uid, oldpass=None, newpass=None): if not oldpass: if not session.__contains__(USER_SESSION): raise ExceptionEx("未登录") if not User.get(session[USER_SESSION]["uid"])["is_admin"]: raise ExceptionEx("权限不足") if not uid or uid in ["*", u"*"]: return self.fail("无效的用户名") newpass = newpass if newpass else crypt.randpass() ldap = Ldap() if not ldap.reset_pwd(uid, newpass, oldpass): return self.fail() mail = Mail() mail.to(uid, newpass) return self.succ() if oldpass else self.succ(newpass) if __name__ == "__main__": ldap = Ldap() print ldap.auth("arvin.yang", "QTPSN2WG")