def login():
    """
    Authenticate a user against Active Directory and return an access token.

    The request body must be JSON with string ``username`` and ``password`` fields. It is parsed
    with ``force=True``, so it is treated as JSON regardless of the Content-Type the client sent.
    On the first successful login, a ``User`` row keyed by the account's AD GUID is created.

    The debug messages logged here are fixed strings; neither credential is written to the log
    by this function.

    :rtype: flask.Response
    """
    payload = request.get_json(force=True)
    for field in ('username', 'password'):
        _validate_api_input(payload, field, string_types)

    ad_session = adreset.ad.AD()
    # NOTE(review): nothing below re-checks the outcome of the bind, so this presumably raises on
    # bad credentials - confirm in adreset.ad
    ad_session.login(payload['username'], payload['password'])
    # The account name is read back from the AD session instead of being reused from the request
    username = ad_session.get_loggedin_user()
    guid = ad_session.get_guid(username)

    user = User.query.filter_by(ad_guid=guid).first()
    if not user:
        # No row for this GUID yet, so this is treated as the account's first login
        ad_session.log('debug', 'The user doesn\'t exist in the database, so it will be created')
        user = User(ad_guid=guid)
        db.session.add(user)
        db.session.commit()
        ad_session.log('debug', 'The user was successfully created in the database')

    # The GUID is the stable part of the identity: it is unique across the AD Forest and survives
    # an account rename, whereas the username can change
    identity = {'guid': user.ad_guid, 'username': username}
    return jsonify({'token': create_access_token(identity=identity)})
def login():
    """
    Log a user in with their Active Directory credentials and issue an access token.

    Expects a JSON body holding string ``username`` and ``password`` values. Because the body is
    read with ``force=True``, the Content-Type header is not checked before parsing. A ``User``
    row is inserted the first time a given AD GUID logs in.

    :rtype: flask.Response
    """
    body = request.get_json(force=True)
    _validate_api_input(body, 'username', string_types)
    _validate_api_input(body, 'password', string_types)
    supplied_username, supplied_password = body['username'], body['password']

    directory = adreset.ad.AD()
    # NOTE(review): the result of login() is not inspected here, so a failed bind is presumably
    # signalled by an exception - confirm in adreset.ad
    directory.login(supplied_username, supplied_password)
    # From here on the identity comes from the directory session, not from the request body
    username = directory.get_loggedin_user()
    guid = directory.get_guid(username)

    user = User.query.filter_by(ad_guid=guid).first()
    # An unknown GUID means this account has never logged in before, so it gets a database entry
    if not user:
        directory.log(
            'debug', 'The user doesn\'t exist in the database, so it will be created')
        user = User(ad_guid=guid)
        db.session.add(user)
        db.session.commit()
        directory.log('debug', 'The user was successfully created in the database')

    # The token carries the GUID because it is unique across the AD Forest and does not change
    # when the account is renamed
    token = create_access_token(
        identity={'guid': user.ad_guid, 'username': username},
    )
    return jsonify({'token': token})
def get_id_from_ad_username(username, ad=None):
    """
    Resolve an Active Directory account name to the matching user ID in the database.

    The account's GUID is looked up in Active Directory and then used to find the ``User`` row.
    Any ``adreset.error.ADError`` raised by the GUID lookup is turned into ``None``, so callers
    cannot tell a directory failure apart from a user that has no database entry.

    :param str username: the user's sAMAccountName
    :kwarg adreset.ad.AD ad: an optional Active Directory session that is logged in with the
        service account
    :return: the user's ID in the database
    :rtype: int or None
    """
    ad_session = ad
    if not ad_session:
        # No session was passed in, so open one and bind with the service account
        ad_session = adreset.ad.AD()
        ad_session.service_account_login()

    try:
        guid = ad_session.get_guid(username)
    except adreset.error.ADError:
        return None

    id_query = db.session.query(User.id).filter_by(ad_guid=guid)
    return id_query.scalar()