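def checkPassword(self, username, password):
    """Authenticate *username* against LDAP, with a local-store fallback.

    Returns True when a simple bind with the user's DN and *password*
    succeeds; a user with no local record is added through ``addUser`` with a
    random placeholder password. Returns the result of
    ``FilebasedUserManager.checkPassword`` when LDAP reports invalid
    credentials. Returns False when the password is empty, when no DN is
    found for the user, or on any other LDAP error.
    """
    # A simple bind with a DN and an empty password is an "unauthenticated
    # bind" (RFC 4513, section 5.1.2): servers that permit it report success
    # without checking any credential. Reject it before it reaches bind_s.
    if not password:
        return False

    try:
        connection = self.getLDAPClient()
        username = self.escapeLDAP(username)
        dn = self.findLDAPUser(username)
        if dn is None:
            return False

        # bind_s raises on failure, so reaching unbind_s means the directory
        # accepted the credentials.
        connection.bind_s(dn, password)
        connection.unbind_s()

        # NOTE(review): from here on `username` is the LDAP-escaped form, so
        # the local record is looked up and created under that escaped name.
        # Confirm this is intended.
        user = FilebasedUserManager.findUser(self, username)
        if not user:
            self._logger.debug("Add new user")
            self.addUser(username, str(uuid.uuid4()), True)
        return True
    except ldap.INVALID_CREDENTIALS:
        self._logger.error("LDAP : Your username or password is incorrect.")
        # NOTE(review): a local password stored under the same name still
        # authenticates after the directory has rejected the bind. Confirm
        # that is wanted for directory-managed accounts.
        return FilebasedUserManager.checkPassword(self, username, password)
    except ldap.LDAPError as e:
        if isinstance(e.message, dict):
            for (k, v) in e.message.items():
                # NOTE(review): the trailing "n" looks like a newline escape
                # that lost its backslash. Confirm against upstream.
                self._logger.error("%s: %sn" % (k, v))
        else:
            self._logger.error(e.message)
        return False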
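def findUser(self, userid=None, apikey=None, session=None):
    """
    Find the user through FilebasedUserManager, else build a temporary user.

    The temporary user exists only to carry ``userid`` (the OAuth data) from
    the API login into ``login_user``; the API login lives in
    server/api/__init__.py. It is created with an empty password, an active
    flag of 1 and the ``["user"]`` role.

    Returns the stored user when one matches, a temporary ``User`` when
    ``userid`` is given but unknown, and None when the lookup carried no
    ``userid``.
    """
    user = FilebasedUserManager.findUser(self, userid, apikey, session)
    if user is not None:
        return user

    # A lookup by apikey or session alone that found nothing must stay a
    # miss. Building a user here would hand the caller an active account
    # with the "user" role for a key or session that matched no one.
    if userid is None:
        return None

    # NOTE(review): a lookup with an unknown userid still returns an active
    # temporary user. Callers must not treat a non-None result as proof that
    # the account exists or is authenticated. Confirm at each call site.
    return User(userid, "", 1, ["user"])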
def findUser(self, userid=None, apikey=None, session=None):
    """Look the user up in the local store, then by *userid* in LDAP.

    Returns the local lookup result whenever it is truthy or no ``userid``
    was given. Otherwise returns a placeholder ``User`` (random uuid4 as
    password, flag True, role ``["user"]``) if ``findLDAPUser`` finds the id,
    and None if it does not.
    """
    found_locally = FilebasedUserManager.findUser(self, userid, apikey, session)

    # This branch is also taken when there is no userid and no local match,
    # so the debug message does not imply that a user was actually found.
    if not userid or found_locally:
        self._logger.debug("Local user found")
        return found_locally

    # Not in the local database: ask the directory.
    # NOTE(review): userid is passed to findLDAPUser as received. Confirm
    # that findLDAPUser escapes LDAP filter metacharacters itself.
    if not self.findLDAPUser(userid):
        return None

    # Placeholder instance; nothing is written to the local store here.
    return User(userid, str(uuid.uuid4()), True, ["user"])
def findUser(self, userid=None, apikey=None, session=None):
    """Look the user up in the local store, then by *userid* in LDAP.

    Returns the local lookup result whenever it is truthy or no ``userid``
    was given. Otherwise returns a placeholder ``User`` if ``findLDAPUser``
    finds the id, and None if it does not. The placeholder's third argument
    comes from the ``plugins.authldap.auto_activate`` setting and its roles
    from ``self.getRoles()``.
    """
    found_locally = FilebasedUserManager.findUser(self, userid, apikey, session)

    # This branch is also taken when there is no userid and no local match,
    # so the debug message does not imply that a user was actually found.
    if not userid or found_locally:
        self._logger.debug("Local user found")
        return found_locally

    # Not in the local database: ask the directory.
    # NOTE(review): userid is passed to findLDAPUser as received. Confirm
    # that findLDAPUser escapes LDAP filter metacharacters itself.
    if not self.findLDAPUser(userid):
        return None

    # Placeholder instance; the random uuid4 stands in for a password.
    placeholder_secret = str(uuid.uuid4())
    auto_activate = settings().getBoolean(
        ["plugins", "authldap", "auto_activate"])
    roles = self.getRoles()
    return User(userid, placeholder_secret, auto_activate, roles)
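def login_user(self, user):
    """
    Log the user into OctoPrint using OAuth2 authorization.

    For a user that is not yet a ``SessionUser``, ``user.get_id()`` must be
    a dict holding ``redirect_uri`` and ``code``. The ``redirect_uri``
    selects the ``client_id`` / ``client_secret`` pair from ``self.oauth2``,
    an ``OAuth2Session`` is opened, ``get_token`` fetches the access token
    and ``get_username`` resolves the account name. An account with no local
    record is created through ``addUser``.

    Returns the registered ``SessionUser``; the unwrapped object when *user*
    is a ``LocalProxy``; None when *user* is None or not a ``User``, when the
    login data is missing or malformed, when no client is configured for the
    supplied ``redirect_uri``, or when the token or username cannot be
    obtained.
    """
    self._cleanup_sessions()

    if user is None:
        return

    if isinstance(user, LocalProxy):
        # The source listing lost its indentation. The return is read as
        # part of this branch, since otherwise everything below is dead code.
        user = user._get_current_object()
        return user

    if not isinstance(user, User):
        return None

    if not isinstance(user, SessionUser):
        # get_id() carries the redirect URI and authorization code of this
        # login attempt. Both are client-supplied values.
        try:
            login_data = user.get_id()
            redirect_uri = login_data['redirect_uri']
            code = login_data['code']
        except (KeyError, TypeError):
            # TypeError covers an id that is not a mapping at all.
            OAuthbasedUserManager.logger.error(
                "Code or redirect_uri not found")
            return None

        # Only redirect URIs present in the configuration are accepted.
        # An unknown or unhashable value fails the login cleanly instead of
        # raising out of this method.
        try:
            client_config = self.oauth2[redirect_uri]
            client_id = client_config["client_id"]
            client_secret = client_config["client_secret"]
        except (KeyError, TypeError):
            OAuthbasedUserManager.logger.error(
                "No OAuth2 client configured for the supplied redirect_uri")
            return None

        oauth2_session = OAuth2Session(client_id,
                                       redirect_uri=redirect_uri)
        access_token = self.get_token(oauth2_session,
                                      code,
                                      client_id,
                                      client_secret)
        if access_token is None:
            return None

        username = self.get_username(oauth2_session)
        if username is None:
            OAuthbasedUserManager.logger.error("Username none")
            return None

        user = FilebasedUserManager.findUser(self, username)
        if user is None:
            # NOTE(review): the local record is created with an empty
            # password. Confirm that local password login cannot reach these
            # accounts, or provision a random secret instead.
            self.addUser(username, "", True, ["user"])
            user = self.findUser(username)

    if not isinstance(user, SessionUser):
        user = SessionUser(user)

    # Index the session both by session id and by owning user id.
    self._session_users_by_session[user.session] = user

    user_id = user.get_id()
    if user_id not in self._sessionids_by_userid:
        self._sessionids_by_userid[user_id] = set()
    self._sessionids_by_userid[user_id].add(user.session)

    return user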
def changeUserPassword(self, username, password):
    """Change the password of a user that has a local record.

    Delegates to ``FilebasedUserManager.changeUserPassword`` when the local
    store knows *username*. Otherwise does nothing and returns None, because
    changing the password of LDAP users is not allowed.
    """
    local_account = FilebasedUserManager.findUser(self, username)
    if local_account is None:
        # No local record: the request is dropped without an error.
        return None

    # NOTE(review): the guard tests only for a local record. If LDAP users
    # are mirrored into the local store at first login, they pass it and can
    # get a local password. Confirm against the login path.
    return FilebasedUserManager.changeUserPassword(self, username, password)