コード例 #1
0
ファイル: profile.py プロジェクト: ajendoubi/baruwa
def retrieve_profile(user):
    "get or create a profile"
    try:
        profile = user.get_profile()
    except UserProfile.DoesNotExist:
        if user.is_superuser:
            account_type = 1
        else:
            account_type = 3
        profile = UserProfile(user=user, account_type=account_type)
        profile.save()
    return profile
コード例 #2
0
ファイル: backends.py プロジェクト: sandroden/baruwa
    def authenticate(self, username=None, password=None):

        if not '@' in username:
            return None

        login_user, domain = username.split('@')
        dom = UserAddresses.objects.filter(address=domain, address_type=1)

        if not dom:
            return None

        hosts = MailAuthHost.objects.filter(useraddress=dom)

        if not hosts:
            return None

        for host in hosts:
            if not host.split_address:
                login_user = username

            if self.mail_auth(host.protocol, login_user, password,
                              host.address, host.port):
                try:
                    user = User.objects.get(username=username)
                except User.DoesNotExist:
                    user = User(username=username)
                    user.set_unusable_password()
                    user.is_staff = False
                    user.is_superuser = False
                    try:
                        from django.forms.fields import email_re
                    except ImportError:
                        from django.core.validators import email_re
                    if email_re.match(username):
                        user.email = username
                    user.save()
                try:
                    profile = user.get_profile()
                except UserProfile.DoesNotExist:
                    profile = UserProfile(user=user, account_type=3)
                    profile.save()
                return user
        return None
コード例 #3
0
ファイル: backends.py プロジェクト: ajendoubi/baruwa
    def authenticate(self, username=None, password=None):

        if not '@' in username:
            return None

        login_user, domain = username.split('@')
        dom = UserAddresses.objects.filter(address=domain, address_type=1)

        if not dom:
            return None

        hosts = MailAuthHost.objects.filter(useraddress=dom)

        if not hosts:
            return None

        for host in hosts:
            if not host.split_address:
                login_user = username

            if self.mail_auth(host.protocol, login_user, password,
                host.address, host.port):
                try:
                    user = User.objects.get(username=username)
                except User.DoesNotExist:
                    user = User(username=username)
                    user.set_unusable_password()
                    user.is_staff = False
                    user.is_superuser = False
                    try:
                        from django.forms.fields import email_re
                    except ImportError:
                        from django.core.validators import email_re
                    if email_re.match(username):
                        user.email = username
                    user.save()
                try:
                    profile = user.get_profile()
                except UserProfile.DoesNotExist:
                    profile = UserProfile(user=user, account_type=3)
                    profile.save()
                return user
        return None
コード例 #4
0
ファイル: ad.py プロジェクト: baruwaproject/baruwa
    def authenticate(self, username=None, password=None):
        """Authenticate to the AD backends"""
        if not '@' in username:
            logger.warning("Domain not specified for %s\n" % username)
            return None

        _, domain = username.split('@')

        dom = UserAddresses.objects.filter(address=domain, address_type=1)
        if not dom:
            logger.warning("AD auth not enabled for %s\n" % domain)
            return None

        hosts = MailAuthHost.objects.filter(useraddress=dom,
                                            protocol=5,
                                            enabled=True)

        if not hosts:
            logger.warning("No AD servers found for %s\n" % domain)
            return None

	adset = None

        for host in hosts:
            # process all hosts
	
            # Query each host for configured AD settings:
            try:
                adset = MailADAuthHost.objects.get(ad_host=host)
                aduser = ADUser(username, host.address, host.port, adset.ad_search_dn, adset.ad_admin_group, adset.ad_user_group, adset.ad_auth_domain)
            except MailADAuthHost.DoesNotExist:
                logger.warning("No MySQL MailADAuthHost; using setting.py AD config\n")
                aduser = ADUser(username, host.address, host.port, adset, adset, adset, adset)

            if not aduser.connect(password):
                logger.warning("AD bind failed for %s\n" % username)
                continue

            user = None

            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                logger.warning("User missing %s. creating\n" % username)
                user = User(username=username,
                            is_staff = False,
                            is_superuser = False)
                user.set_unusable_password()

            if not aduser.get_data():
                logger.warning("AD auth backend failed when reading data for"
                " %s. No Group information available." % username)
                user = None
                continue
            else:
                do_update = False
                for attr in ['first_name',
                            'last_name',
                            'email',
                            'is_superuser']:
                    if not getattr(user, attr) == getattr(aduser, attr):
                        setattr(user, attr, getattr(aduser, attr))
                        do_update = True
                if do_update:
                    user.save()

                if not user.is_superuser:
                    for mail1 in aduser.email_addresses:
                        try:
                            address = UserAddresses.objects.get(user=user,
                                        address=mail1)
                        except UserAddresses.DoesNotExist:
                            address = UserAddresses(user=user,
                                                    address=mail1)
                            address.save()

            logger.info("AD auth backend check passed for %s" % username)
            if user:
                try:
                    profile = user.get_profile()
                except UserProfile.DoesNotExist:
                    account_type = 3
                    if user.is_superuser:
                        account_type = 1
                    profile = UserProfile(user=user,
                                        account_type=account_type)
                    profile.save()
                return user
        return None
コード例 #5
0
ファイル: radius.py プロジェクト: baruwaproject/baruwa
    def authenticate(self, username=None, password=None):
        try:
            from pyrad import packet
            from pyrad.client import Client, Timeout
            from pyrad.dictionary import Dictionary
        except ImportError:
            return None

        if not "@" in username:
            return None

        username = username.decode("utf-8")
        password = password.decode("utf-8")
        login_user, domain = username.split("@")
        dom = UserAddresses.objects.filter(address=domain, address_type=1)

        if not dom:
            return None

        hosts = MailAuthHost.objects.filter(useraddress=dom, protocol=4)

        if not hosts:
            return None

        for host in hosts:
            if not host.split_address:
                login_user = username

            try:
                client = Client(
                    server=host.address,
                    authport=host.port,
                    secret=settings.RADIUS_SECRET[host.address].encode("utf-8"),
                    dict=Dictionary(StringIO(DICTIONARY)),
                )
            except AttributeError:
                continue

            request = client.CreateAuthPacket(code=packet.Accessrequest, User_Name=login_user)
            request["User-Password"] = request.PwCrypt(password)
            try:
                reply = client.SendPacket(request)
                if reply.code == packet.AccessReject or reply.code != packet.AccessAccept:
                    continue
            except (Timeout, Exception):
                continue
            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                user = User(username=username)
                user.set_unusable_password()
                user.is_staff = False
                user.is_superuser = False
                if email_re.match(username):
                    user.email = username
                user.save()
            try:
                profile = user.get_profile()
            except UserProfile.DoesNotExist:
                profile = UserProfile(user=user, account_type=3)
                profile.save()
            return user
        return None
コード例 #6
0
    def authenticate(self, username=None, password=None):
        try:
            from pyrad import packet
            from pyrad.client import Client, Timeout
            from pyrad.dictionary import Dictionary
        except ImportError:
            return None

        if not '@' in username:
            return None

        username = username.decode('utf-8')
        password = password.decode('utf-8')
        login_user, domain = username.split('@')
        dom = UserAddresses.objects.filter(address=domain, address_type=1)

        if not dom:
            return None

        hosts = MailAuthHost.objects.filter(useraddress=dom, protocol=3)

        if not hosts:
            return None

        for host in hosts:
            if not host.split_address:
                login_user = username

            try:
                client = Client(
                    server=host.address,
                    authport=host.port,
                    secret=settings.RADIUS_SECRET[host.address].encode(
                        'utf-8'),
                    dict=Dictionary(StringIO(DICTIONARY)),
                )
            except AttributeError:
                return None

            request = client.CreateAuthPacket(
                code=packet.Accessrequestuest,
                User_Name=login_user,
            )
            request["User-Password"] = request.PwCrypt(password)
            try:
                reply = client.SendPacket(request)
            except Timeout:
                return None
            except Exception:
                return None
            if reply.code == packet.AccessReject:
                return None
            if reply.code != packet.AccessAccept:
                return None
            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                user = User(username=username)
                user.set_unusable_password()
                user.is_staff = False
                user.is_superuser = False
                if email_re.match(username):
                    user.email = username
                user.save()
            try:
                profile = user.get_profile()
            except UserProfile.DoesNotExist:
                profile = UserProfile(user=user, account_type=3)
                profile.save()
            return user
        return None