def login():
"""
Login the user using their Active Directory credentials.
:rtype: flask.Response
"""
req_json = request.get_json(force=True)
_validate_api_input(req_json, 'username', string_types)
_validate_api_input(req_json, 'password', string_types)
ad = adreset.ad.AD()
ad.login(req_json['username'], req_json['password'])
username = ad.get_loggedin_user()
guid = ad.get_guid(username)
user = User.query.filter_by(ad_guid=guid).first()
# If the user doesn't exist in the database, this must be their first time logging in,
# therefore, an entry for that user must be added to the database
if not user:
ad.log('debug', 'The user doesn\'t exist in the database, so it will be created')
user = User(ad_guid=guid)
db.session.add(user)
db.session.commit()
ad.log('debug', 'The user was successfully created in the database')
# The token's identity has the user's GUID since that is unique across the AD Forest and won't
# change if the account gets renamed
token = create_access_token(identity={'guid': user.ad_guid, 'username': username})
return jsonify({'token': token})
def login():
"""
Login the user using their Active Directory credentials.
:rtype: flask.Response
"""
req_json = request.get_json(force=True)
_validate_api_input(req_json, 'username', string_types)
_validate_api_input(req_json, 'password', string_types)
ad = adreset.ad.AD()
ad.login(req_json['username'], req_json['password'])
username = ad.get_loggedin_user()
guid = ad.get_guid(username)
user = User.query.filter_by(ad_guid=guid).first()
# If the user doesn't exist in the database, this must be their first time logging in,
# therefore, an entry for that user must be added to the database
if not user:
ad.log(
'debug',
'The user doesn\'t exist in the database, so it will be created')
user = User(ad_guid=guid)
db.session.add(user)
db.session.commit()
ad.log('debug', 'The user was successfully created in the database')
# The token's identity has the user's GUID since that is unique across the AD Forest and won't
# change if the account gets renamed
token = create_access_token(identity={
'guid': user.ad_guid,
'username': username
})
return jsonify({'token': token})
def get_id_from_ad_username(username, ad=None):
"""
Query Active Directory to find the user's ID in the database.
:param str username: the user's sAMAccountName
:kwarg adreset.ad.AD ad: an optional Active Directory session that is logged in with the
service account
:return: the user's ID in the database
:rtype: int or None
"""
if not ad:
ad = adreset.ad.AD()
ad.service_account_login()
try:
user_guid = ad.get_guid(username)
except adreset.error.ADError:
return None
return db.session.query(User.id).filter_by(ad_guid=user_guid).scalar()
def get_id_from_ad_username(username, ad=None):
"""
Query Active Directory to find the user's ID in the database.
:param str username: the user's sAMAccountName
:kwarg adreset.ad.AD ad: an optional Active Directory session that is logged in with the
service account
:return: the user's ID in the database
:rtype: int or None
"""
if not ad:
ad = adreset.ad.AD()
ad.service_account_login()
try:
user_guid = ad.get_guid(username)
except adreset.error.ADError:
return None
return db.session.query(User.id).filter_by(ad_guid=user_guid).scalar()