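def clean_password(self):
    """Verify the submitted credentials against LDAP, then authenticate locally.

    When both fields are present, ``checkldap`` is asked to verify them and a
    falsy result is rejected. After a successful check a local ``User`` row is
    created on a best-effort basis, the stored hash of the matching ``Example``
    row is replaced with a hash of the password just verified, and the
    credentials are handed to ``auth.authenticate``. The authenticated user is
    kept in ``self.user_cache``.

    Returns:
        ``self.cleaned_data``.

    Raises:
        forms.ValidationError: LDAP rejected the credentials, local
            authentication failed, or the account is disabled.
    """
    import logging  # local import: the module's import block is not shown here

    log = logging.getLogger(__name__)
    username = self.cleaned_data.get('username')
    password = self.cleaned_data.get('password')

    if username and password:
        mail = checkldap(username, password)
        if not mail:
            raise forms.ValidationError(u'LDAP账户不正确')

        # Best effort: the insert presumably fails once the account already
        # exists (uniqueness on username - confirm against the model). The
        # failure is logged instead of discarded so that a real database
        # problem does not show up only as the "credentials do not match"
        # error further down. The password itself is never logged.
        try:
            c = User(username=username,
                     password=make_password(password, None, 'pbkdf2_sha256'),
                     email=mail,
                     is_active=1)
            c.save()
        except Exception:
            log.debug('local account for %r was not created', username,
                      exc_info=True)

        # Every successful LDAP check overwrites the local hash, so the local
        # store always mirrors the directory password.
        try:
            u = Example.objects.get(username=username)
            u.password = make_password(password, None, 'pbkdf2_sha256')
            u.save()
        except Exception:
            log.warning('local password hash for %r was not refreshed',
                        username, exc_info=True)

        self.user_cache = auth.authenticate(username=username, password=password)
        if self.user_cache is None:
            raise forms.ValidationError(u'账号密码不匹配')
        elif not self.user_cache.is_active:
            raise forms.ValidationError(u'此账号已被禁用')

    return self.cleaned_data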
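def clean_password(self):
    """Check the credentials with LDAP and then log the user in locally.

    If either field is missing nothing is checked. Otherwise ``checkldap``
    must return a truthy value (used as the e-mail address of the account).
    A local ``User`` row is then created if possible, the hash stored on the
    matching ``Example`` row is replaced with a hash of the verified password,
    and ``auth.authenticate`` is called; its result is stored in
    ``self.user_cache``.

    Returns:
        ``self.cleaned_data``.

    Raises:
        forms.ValidationError: LDAP rejected the credentials, local
            authentication failed, or the account is disabled.
    """
    import logging  # local import: the module's import block is not shown here

    log = logging.getLogger(__name__)
    username = self.cleaned_data.get('username')
    password = self.cleaned_data.get('password')

    if username and password:
        mail = checkldap(username, password)
        if not mail:
            raise forms.ValidationError(u'LDAP账户不正确')

        # Best-effort creation of the local account. The insert presumably
        # fails when the account already exists (confirm against the model);
        # any failure is logged so database errors stay diagnosable. Only the
        # username is logged, never the password.
        try:
            c = User(
                username=username,
                password=make_password(password, None, 'pbkdf2_sha256'),
                email=mail,
                is_active=1,
            )
            c.save()
        except Exception:
            log.debug('local account for %r was not created', username,
                      exc_info=True)

        # The local hash is rewritten after every successful LDAP check, so it
        # follows the directory password.
        try:
            u = Example.objects.get(username=username)
            u.password = make_password(password, None, 'pbkdf2_sha256')
            u.save()
        except Exception:
            log.warning('local password hash for %r was not refreshed',
                        username, exc_info=True)

        self.user_cache = auth.authenticate(username=username, password=password)
        if self.user_cache is None:
            raise forms.ValidationError(u'账号密码不匹配')
        elif not self.user_cache.is_active:
            raise forms.ValidationError(u'此账号已被禁用')

    return self.cleaned_data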
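def addUser(request):
    """Create a system account, its key and the matching database row.

    GET renders the empty form. POST validates the submitted fields, runs the
    configured provisioning commands (``useradd_shell``, ``sudoadd_shell``,
    ``keygen_shell``), sets the system password with ``passwd --stdin`` and,
    when both steps exit with status 0, saves a ``User`` whose stored password
    is the generated LDAP password encrypted with ``PyCrypt``.

    Every POST field is supplied by the client. Values are therefore
    shell-quoted before they are placed in the provisioning command line, and
    the login password is written to ``passwd`` on stdin instead of being
    interpolated into a shell pipeline.
    """
    # Local import: the module's import block is not visible in this listing.
    try:
        from shlex import quote as shell_quote  # Python 3
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    jm = PyCrypt(key)
    if request.method == 'GET':
        return render_to_response('addUser.html', {'user_menu': 'active'},
                                  context_instance=RequestContext(request))

    # A missing field is treated like an empty one so that it is caught by the
    # required-field check instead of reaching the commands as None.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    password_confirm = request.POST.get('password_confirm', '')
    keypass = request.POST.get('keypass', '')
    keypass_confirm = request.POST.get('keypass_confirm', '')
    name = request.POST.get('name', '')
    email = request.POST.get('email')

    error = ''
    if '' in (username, password, password_confirm, name):
        error += '带*号内容不能为空。'
    if username.startswith('-'):
        # A leading dash would be read as an option by the account tools.
        error += '用户名不能以-开头。'
    if User.objects.filter(username=username):
        error += '用户名已存在。'
    if password != password_confirm or keypass != keypass_confirm:
        error += '两次输入密码不匹配。'

    if error:
        return render_to_response('addUser.html',
                                  {'error': error, 'user_menu': 'active'},
                                  context_instance=RequestContext(request))

    ldap_password = keygen(15)
    # The command prefixes come from configuration and are left for the shell
    # to interpret as before; only the request-derived values are quoted.
    # NOTE(review): with ';' the exit status is that of the last command only,
    # and the key passphrase and LDAP password are visible in the process
    # arguments while the scripts run.
    provision = '%s %s %s;%s %s;%s %s %s' % (
        useradd_shell, shell_quote(username), shell_quote(ldap_password),
        sudoadd_shell, shell_quote(username),
        keygen_shell, shell_quote(username), shell_quote(keypass))
    ret = subprocess.call(provision, shell=True)

    if not ret:
        # No shell and no command-line copy of the password: it is written to
        # passwd's stdin, followed by the newline that echo used to supply.
        try:
            proc = subprocess.Popen(['passwd', '--stdin', username],
                                    stdin=subprocess.PIPE)
            proc.communicate((password + '\n').encode('utf-8'))
            ret = proc.returncode
        except OSError:
            ret = 1

        if not ret:
            user = User(username=username,
                        password=jm.encrypt(ldap_password),
                        name=name,
                        email=email)
            user.save()
            msg = u'添加用户 %s 成功。' % name
        else:
            msg = u'添加用户 %s 失败。' % name
    else:
        msg = u'添加用户 %s 失败。' % name

    return render_to_response('addUser.html',
                              {'msg': msg, 'user_menu': 'active'},
                              context_instance=RequestContext(request))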
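def addUser(request):
    """Add a user: system account, key, and database row.

    GET renders the empty form. POST validates the submitted fields, runs the
    configured provisioning commands (``useradd_shell``, ``sudoadd_shell``,
    ``keygen_shell``), sets the system password with ``passwd --stdin`` and,
    when both steps exit with status 0, saves a ``User`` whose stored password
    is the generated LDAP password encrypted with ``PyCrypt``.

    Every POST field is supplied by the client. Values are therefore
    shell-quoted before they are placed in the provisioning command line, and
    the login password is written to ``passwd`` on stdin instead of being
    interpolated into a shell pipeline.
    """
    # Local import: the module's import block is not visible in this listing.
    try:
        from shlex import quote as shell_quote  # Python 3
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    jm = PyCrypt(key)
    if request.method == "GET":
        return render_to_response("addUser.html", {"user_menu": "active"},
                                  context_instance=RequestContext(request))

    # A missing field is treated like an empty one so that it is caught by the
    # required-field check instead of reaching the commands as None.
    username = request.POST.get("username", "")
    password = request.POST.get("password", "")
    password_confirm = request.POST.get("password_confirm", "")
    keypass = request.POST.get("keypass", "")
    keypass_confirm = request.POST.get("keypass_confirm", "")
    name = request.POST.get("name", "")
    email = request.POST.get("email")

    error = ""
    if "" in (username, password, password_confirm, name):
        error += "带*号内容不能为空。"
    if username.startswith("-"):
        # A leading dash would be read as an option by the account tools.
        error += "用户名不能以-开头。"
    if User.objects.filter(username=username):
        error += "用户名已存在。"
    if password != password_confirm or keypass != keypass_confirm:
        error += "两次输入密码不匹配。"

    if error:
        return render_to_response(
            "addUser.html", {"error": error, "user_menu": "active"},
            context_instance=RequestContext(request)
        )

    ldap_password = keygen(15)
    # The command prefixes come from configuration and are left for the shell
    # to interpret as before; only the request-derived values are quoted.
    # NOTE(review): with ';' the exit status is that of the last command only,
    # and the key passphrase and LDAP password are visible in the process
    # arguments while the scripts run.
    provision = "%s %s %s;%s %s;%s %s %s" % (
        useradd_shell, shell_quote(username), shell_quote(ldap_password),
        sudoadd_shell, shell_quote(username),
        keygen_shell, shell_quote(username), shell_quote(keypass),
    )
    ret = subprocess.call(provision, shell=True)

    if not ret:
        # No shell and no command-line copy of the password: it is written to
        # passwd's stdin, followed by the newline that echo used to supply.
        try:
            proc = subprocess.Popen(["passwd", "--stdin", username],
                                    stdin=subprocess.PIPE)
            proc.communicate((password + "\n").encode("utf-8"))
            ret = proc.returncode
        except OSError:
            ret = 1

        if not ret:
            user = User(username=username, password=jm.encrypt(ldap_password),
                        name=name, email=email)
            user.save()
            msg = u"添加用户 %s 成功。" % name
        else:
            msg = u"添加用户 %s 失败。" % name
    else:
        msg = u"添加用户 %s 失败。" % name

    return render_to_response(
        "addUser.html", {"msg": msg, "user_menu": "active"},
        context_instance=RequestContext(request)
    )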
def install(request):
    """Bootstrap view: create the initial superuser unless it already exists.

    If a user with the bootstrap username is found, 'info.html' is rendered
    with an "already installed" error. Otherwise a ``User`` with id 800 is
    saved and 'info.html' is rendered with a success message.
    """
    already_installed = User.objects.filter(username='******')
    if already_installed:
        return render_to_response('info.html', {'error': '已经安装,请出重复安装.'})

    # NOTE(review): the bootstrap account is a superuser whose login password,
    # key passphrase and LDAP password are all the fixed string 'admin', and
    # nothing in this view forces a change afterwards. No access check is
    # visible in the view either - confirm how the route is protected once
    # installation is done. md5_crypt is defined elsewhere; going by its name
    # it is an MD5-based hash - confirm.
    bootstrap_user = User(
        id=800,
        username='******',
        password=md5_crypt('admin'),
        key_pass=md5_crypt('admin'),
        name='admin',
        is_admin=False,
        is_superuser=True,
        ldap_password=md5_crypt('admin'),
    )
    bootstrap_user.save()
    return render_to_response('info.html', {'msg': '安装成功'})
def install(request):
    """Create the first superuser, or report that installation already ran.

    Looks for a user with the bootstrap username. When one exists the view
    renders 'info.html' with an error; otherwise it saves a ``User`` with
    id 800 and renders 'info.html' with a success message.
    """
    existing = User.objects.filter(username='******')
    if not existing:
        # NOTE(review): login password, key passphrase and LDAP password of
        # this superuser are all derived from the fixed string 'admin', and
        # the view does not require them to be changed. No access check is
        # visible here - confirm how the route is protected after
        # installation.
        admin_fields = dict(
            id=800,
            username='******',
            password=md5_crypt('admin'),
            key_pass=md5_crypt('admin'),
            name='admin',
            is_admin=False,
            is_superuser=True,
            ldap_password=md5_crypt('admin'),
        )
        User(**admin_fields).save()
        return render_to_response('info.html', {'msg': '安装成功'})

    return render_to_response('info.html', {'error': '已经安装,请出重复安装.'})
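def LoginUser(request):
    """Log a user in and redirect to the page named by the redirect field.

    When the user table is empty a first account is created. An authenticated
    GET is redirected to '/'. On POST the submitted credentials are passed to
    ``auth.authenticate``; an active user is logged in and redirected, and any
    other outcome re-renders the login page with an error string.

    The redirect target is read from the request and is therefore restricted
    to a path on this site; anything else falls back to '/'.
    """
    count = User.objects.all().count()
    logger.error(count)
    if count == 0:
        # NOTE(review): the first account is a superuser with the fixed
        # password 'admin', created by whichever request arrives while the
        # table is empty. Only ``name`` is set here, not ``username`` -
        # confirm which field authentication uses.
        user = User()
        user.name = 'admin'
        user.set_password('admin')
        user.is_active = 1
        user.is_superuser = 1
        user.save()

    if request.method == 'GET' and request.user.is_authenticated():
        return HttpResponseRedirect('/')

    redirect_to = request.POST.get(REDIRECT_FIELD_NAME,
                                   request.GET.get(REDIRECT_FIELD_NAME, ''))
    # Accept only a local absolute path. Scheme-relative forms and control
    # characters are refused, so a crafted login link cannot send the user to
    # another host after signing in.
    is_local_path = (
        redirect_to.startswith('/')
        and not redirect_to.startswith(('//', '/\\'))
        and not any(ord(ch) < 32 for ch in redirect_to)
    )
    if not is_local_path:
        redirect_to = '/'

    errorString = ''
    if request.method == 'POST':
        # .get() keeps a request without these fields on the normal
        # "credentials do not match" path instead of raising a KeyError.
        user_cache = auth.authenticate(
            username=request.POST.get('username', ''),
            password=request.POST.get('password', ''))
        if user_cache is not None:
            if user_cache.is_active:
                auth.login(request, user_cache)
                return HttpResponseRedirect(redirect_to)
            else:
                errorString = '账号被禁用!'
        else:
            errorString = '账号密码不匹配'

    kwvars = {
        'request': request,
        'next': redirect_to,
        'errorString': errorString,
    }
    return render_to_response('UserManage/login.html', kwvars,
                              RequestContext(request))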
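def addUser(request):
    """Add a user to the database, the jump host and LDAP.

    On a valid POST the view saves a ``User`` row, creates the system account
    (``useradd``, ``passwd --stdin``, ``rsa_gen``) and then adds three LDAP
    entries (account, group, sudo role). When a later step fails, the earlier
    ones are rolled back and the form is re-rendered with an error.

    Form values are shell-quoted before they are placed in the command strings
    given to ``bash``. ``bash`` is defined elsewhere; the pipe in the password
    command only works if it runs the string through a shell.
    """
    # Local import: the module's import block is not visible in this listing.
    try:
        from shlex import quote as shell_quote  # Python 3
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    msg = ''
    form = UserAddForm()
    jm = PyCrypt(key)

    def render_error(error):
        # Re-render the form with the given error message.
        return render_to_response(
            'addUser.html',
            {'user_menu': 'active', 'form': form, 'error': error},
            context_instance=RequestContext(request))

    if request.method == 'POST':
        form = UserAddForm(request.POST)
        if form.is_valid():
            user = form.cleaned_data
            username = user['username']
            password = user['password']
            key_pass = user['key_pass']
            name = user['name']
            is_admin = user['is_admin']
            is_superuser = user['is_superuser']
            ldap_password = keygen(16)
            group_post = user['group']
            groups = []

            # If the requester is an admin, they may not appoint other admins
            # or superusers.
            if is_admin_user(request):
                is_admin = False
                is_superuser = False

            # Groups
            for group_name in group_post:
                groups.append(Group.objects.get(name=group_name))

            # Save the user in the database; return if that fails.
            u = User(username=username,
                     password=md5_crypt(password),
                     key_pass=jm.encrypt(key_pass),
                     name=name,
                     is_admin=is_admin,
                     is_superuser=is_superuser,
                     ldap_password=jm.encrypt(ldap_password))
            try:
                u.save()
                u.group = groups
                u.save()
            except Exception as e:
                return render_error(u'数据库插入用户错误' + unicode(e))

            # Add the system user. Values are quoted so they are passed as
            # single words, and printf replaces echo so a password such as
            # "-n" is not taken as an option.
            # NOTE(review): the password is still part of the command string
            # and is visible in the process arguments while it runs; the
            # allowed username characters are presumably enforced by
            # UserAddForm - confirm.
            safe_username = shell_quote(username)
            ret_add = bash('useradd %s' % safe_username)
            ret_passwd = bash("printf '%%s\\n' %s | passwd --stdin %s"
                              % (shell_quote(password), safe_username))
            ret_rsa = rsa_gen(username, key_pass)

            if [ret_add, ret_passwd, ret_rsa].count(0) < 3:
                error = u'跳板机添加用户失败'
                bash('userdel -r %s' % safe_username)
                u.delete()
                return render_error(error)

            # Add to LDAP
            user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
            password_sha512 = gen_sha512(keygen(6), ldap_password)
            user_attr = {
                'uid': [str(username)],
                'cn': [str(username)],
                'objectClass': ['account', 'posixAccount', 'top', 'shadowAccount'],
                'userPassword': ['{crypt}%s' % password_sha512],
                'shadowLastChange': ['16328'],
                'shadowMin': ['0'],
                'shadowMax': ['99999'],
                'shadowWarning': ['7'],
                'loginShell': ['/bin/bash'],
                'uidNumber': [str(u.id)],
                'gidNumber': [str(u.id)],
                'homeDirectory': [str('/home/%s' % username)]
            }

            group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
            group_attr = {
                'objectClass': ['posixGroup', 'top'],
                'cn': [str(username)],
                'userPassword': ['{crypt}x'],
                'gidNumber': [str(u.id)]
            }

            sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
            sudo_attr = {
                # Both classes in one list: the original repeated the
                # 'objectClass' key, so 'top' was silently overwritten.
                'objectClass': ['top', 'sudoRole'],
                'cn': ['%s' % str(username)],
                'sudoCommand': ['/bin/pwd'],
                'sudoHost': ['192.168.1.1'],
                'sudoOption': ['!authenticate'],
                'sudoRunAsUser': ['root'],
                'sudoUser': ['%s' % str(username)]
            }

            ldap_conn = LDAPMgmt()
            try:
                ldap_conn.add(user_dn, user_attr)
                ldap_conn.add(group_dn, group_attr)
                ldap_conn.add(sudo_dn, sudo_attr)
            except Exception as e:
                error = u'添加ladp用户失败' + unicode(e)
                # Best-effort rollback; a failure here is deliberately ignored
                # so the original LDAP error is the one reported.
                try:
                    bash('userdel -r %s' % safe_username)
                    u.delete()
                    ldap_conn.delete(user_dn)
                    ldap_conn.delete(group_dn)
                    ldap_conn.delete(sudo_dn)
                except Exception:
                    pass
                return render_error(error)

            msg = u'添加用户成功'
            # The listing ends here; the code that renders the final response
            # is not shown.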
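def addUser(request):
    """Add a user to the database, the jump host and LDAP.

    On a valid POST the view saves a ``User`` row, creates the system account
    (``useradd``, ``passwd --stdin``, ``rsa_gen``) and then adds three LDAP
    entries (account, group, sudo role). When a later step fails, the earlier
    ones are rolled back and the form is re-rendered with an error.

    Form values are shell-quoted before they are placed in the command strings
    given to ``bash``. ``bash`` is defined elsewhere; the pipe in the password
    command only works if it runs the string through a shell.
    """
    # Local import: the module's import block is not visible in this listing.
    try:
        from shlex import quote as shell_quote  # Python 3
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    msg = ''
    form = UserAddForm()
    jm = PyCrypt(key)

    def render_error(error):
        # Re-render the form with the given error message.
        return render_to_response('addUser.html',
                                  {'user_menu': 'active', 'form': form, 'error': error},
                                  context_instance=RequestContext(request))

    if request.method == 'POST':
        form = UserAddForm(request.POST)
        if form.is_valid():
            user = form.cleaned_data
            username = user['username']
            password = user['password']
            key_pass = user['key_pass']
            name = user['name']
            is_admin = user['is_admin']
            is_superuser = user['is_superuser']
            ldap_password = keygen(16)
            group_post = user['group']
            groups = []

            # If the requester is an admin, they may not appoint other admins
            # or superusers.
            if is_admin_user(request):
                is_admin = False
                is_superuser = False

            # Groups
            for group_name in group_post:
                groups.append(Group.objects.get(name=group_name))

            # Save the user in the database; return if that fails.
            u = User(
                username=username,
                password=md5_crypt(password),
                key_pass=jm.encrypt(key_pass),
                name=name,
                is_admin=is_admin,
                is_superuser=is_superuser,
                ldap_password=jm.encrypt(ldap_password))
            try:
                u.save()
                u.group = groups
                u.save()
            except Exception as e:
                return render_error(u'数据库插入用户错误' + unicode(e))

            # Add the system user. Values are quoted so they are passed as
            # single words, and printf replaces echo so a password such as
            # "-n" is not taken as an option.
            # NOTE(review): the password is still part of the command string
            # and is visible in the process arguments while it runs; the
            # allowed username characters are presumably enforced by
            # UserAddForm - confirm.
            safe_username = shell_quote(username)
            ret_add = bash('useradd %s' % safe_username)
            ret_passwd = bash("printf '%%s\\n' %s | passwd --stdin %s"
                              % (shell_quote(password), safe_username))
            ret_rsa = rsa_gen(username, key_pass)

            if [ret_add, ret_passwd, ret_rsa].count(0) < 3:
                error = u'跳板机添加用户失败'
                bash('userdel -r %s' % safe_username)
                u.delete()
                return render_error(error)

            # Add to LDAP
            user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
            password_sha512 = gen_sha512(keygen(6), ldap_password)
            user_attr = {
                'uid': [str(username)],
                'cn': [str(username)],
                'objectClass': ['account', 'posixAccount', 'top', 'shadowAccount'],
                'userPassword': ['{crypt}%s' % password_sha512],
                'shadowLastChange': ['16328'],
                'shadowMin': ['0'],
                'shadowMax': ['99999'],
                'shadowWarning': ['7'],
                'loginShell': ['/bin/bash'],
                'uidNumber': [str(u.id)],
                'gidNumber': [str(u.id)],
                'homeDirectory': [str('/home/%s' % username)]}

            group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
            group_attr = {
                'objectClass': ['posixGroup', 'top'],
                'cn': [str(username)],
                'userPassword': ['{crypt}x'],
                'gidNumber': [str(u.id)]
            }

            sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
            sudo_attr = {
                # Both classes in one list: the original repeated the
                # 'objectClass' key, so 'top' was silently overwritten.
                'objectClass': ['top', 'sudoRole'],
                'cn': ['%s' % str(username)],
                'sudoCommand': ['/bin/pwd'],
                'sudoHost': ['192.168.1.1'],
                'sudoOption': ['!authenticate'],
                'sudoRunAsUser': ['root'],
                'sudoUser': ['%s' % str(username)]
            }

            ldap_conn = LDAPMgmt()
            try:
                ldap_conn.add(user_dn, user_attr)
                ldap_conn.add(group_dn, group_attr)
                ldap_conn.add(sudo_dn, sudo_attr)
            except Exception as e:
                error = u'添加ladp用户失败' + unicode(e)
                # Best-effort rollback; a failure here is deliberately ignored
                # so the original LDAP error is the one reported.
                try:
                    bash('userdel -r %s' % safe_username)
                    u.delete()
                    ldap_conn.delete(user_dn)
                    ldap_conn.delete(group_dn)
                    ldap_conn.delete(sudo_dn)
                except Exception:
                    pass
                return render_error(error)

            msg = u'添加用户成功'
            # The listing ends here; the code that renders the final response
            # is not shown.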
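def AddUser(request):
    """Create a user from POSTed fields and report the outcome as JSON.

    Checks run in this order, each returning its own error code: username
    present (0x0003) and unused (0x0010), password present (0x0004) and at
    least 8 characters long (0x0005), group selected and resolvable (0x0006).
    On success the user is saved and error code 0x0000 is returned.

    A request whose method is not POST falls through and returns None, as it
    did before.
    """
    if request.method == 'POST':
        post = request.POST

        username = post.get('username', '')
        if username == '':
            return JsonResponse({
                'errorCode': '0x0003',
                'errorString': '必须输入用户名'
            })
        # One existence query replaces the loop over every user row. The loop
        # also never assigned the username when the table was empty.
        if User.objects.filter(username=username).exists():
            return JsonResponse({
                'errorCode': '0x0010',
                'errorString': '用户名重复'
            })

        # A missing password is handled like an empty one; previously it
        # reached len(None) and raised.
        password = post.get('password', '')
        if password == '':
            return JsonResponse({
                'errorCode': '0x0004',
                'errorString': '必须输入密码'
            })
        if len(password) < 8:
            return JsonResponse({
                'errorCode': '0x0005',
                'errorString': '密码必须大于8位'
            })

        # A missing, malformed or unknown group id is reported with the same
        # code as an empty selection instead of raising from the lookup.
        group_id = post.get('group', '')
        if group_id == '':
            return JsonResponse({
                'errorCode': '0x0006',
                'errorString': '必须选择用户组'
            })
        try:
            group = GroupList.objects.get(id=group_id)
        except (GroupList.DoesNotExist, ValueError):
            return JsonResponse({
                'errorCode': '0x0006',
                'errorString': '必须选择用户组'
            })

        user = User()
        user.username = username
        user.set_password(password)
        user.telephone = post.get('telephone')
        user.email = post.get('email')
        user.department = post.get('department')
        user.group = group
        # NOTE(review): getlist() returns a list, which is assigned to
        # is_active unchanged - confirm that the model field accepts it. No
        # permission check is visible in this view either; confirm that it is
        # applied where the view is routed.
        user.is_active = post.getlist('is_active')
        user.save()
        return JsonResponse({'errorCode': '0x0000', 'errorString': ''})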