def create_app(config_name):
app = Flask(__name__, instance_relative_config=True)
app.config.from_object(app_config['development'])
app.config.from_pyfile('config.py')
Bootstrap(app)
db.init_app(app)
login_manager.init_app(app)
login_manager.login_message = "You must be logged in to access this page."
login_manager.login_view = "auth.login"
migrate = Migrate(app, db)
from my_app import models
from .admin import admin as admin_blueprint
app.register_blueprint(admin_blueprint, url_prefix='/admin')
from .auth import auth as auth_blueprint
app.register_blueprint(auth_blueprint)
from .home import home as home_blueprint
app.register_blueprint(home_blueprint)
ldap = LDAPConn(app)
return app
def setUp(self):
app = flask.Flask(__name__)
app.config.from_object(__name__)
app.config.from_envvar('LDAP_SETTINGS', silent=True)
ldap = LDAPConn(app)
self.app = app
self.ldap = ldap
def setUp(self):
app = flask.Flask(__name__)
app.config.from_object(__name__)
app.config.from_envvar('LDAP_SETTINGS', silent=True)
app.config['LDAP_PORT'] = app.config.get('LDAP_SSL_PORT', 636)
app.config['LDAP_USE_SSL'] = True
ldap = LDAPConn(app)
self.app = app
self.ldap = ldap
class User(LDAPEntry, UserMixin):
_ldap = LDAPConn(app)
base_dn = app.config['LDAP_USER_BASEDN']
object_classes = ['inetOrgPerson']
name = Attribute('displayName')
email = Attribute('mail')
userid = Attribute('uid')
avatar = Attribute('jpegPhoto')
last_name = Attribute('sn')
first_name = Attribute('givenName')
title = Attribute('title')
locked = Attribute('nsaccountlock')
email_alias = Attribute('mailalternateaddress')
subject_pronoun = Attribute('subjectPronoun')
object_pronoun = Attribute('objectPronoun')
def check_password(self, password):
if self.password is None:
return False
return self._ldap.authenticate(self.dn, password)
# ================================================================
# Class methods
@classmethod
def authenticate(cls, login, password):
user = User.query.filter('userid: {}'.format(login)).first()
if user:
authenticated = user.check_password(password)
else:
authenticated = False
return user, authenticated
"""@classmethod
def search(cls, keywords):
criteria = []
for keyword in keywords.split():
keyword = '%' + keyword + '%'
criteria.append(db.or_(
User.name.ilike(keyword),
User.email.ilike(keyword),
))
q = reduce(db.and_, criteria)
return cls.query.filter(q)"""
@classmethod
def get_by_id(cls, user_id):
return User.query.filter('userid: {}'.format(user_id)).first()
"""def check_name(self, name):
def setUp(self):
app = flask.Flask(__name__)
app.config.from_object(__name__)
app.config.from_envvar('LDAP_SETTINGS', silent=True)
app.config['LDAP_BINDDN'] = None
app.config['LDAP_SECRET'] = None
app.config['LDAP_USE_TLS'] = False
ldap = LDAPConn(app)
self.app = app
self.ldap = ldap
def setUp(self):
app = flask.Flask(__name__)
app.config.from_object(__name__)
app.config.from_envvar('LDAP_SETTINGS', silent=True)
app.config['LDAP_BINDDN'] = None
app.config['LDAP_SECRET'] = None
app.config['LDAP_REQUIRE_CERT'] = ssl.CERT_REQUIRED
ldap = LDAPConn(app)
self.app = app
self.ldap = ldap
# -*- coding: utf-8 -*-
import logging
from flask import Flask
from flask_ldapconn import LDAPConn
app = Flask(__name__)
app.config.from_pyfile('config.py')
logging.basicConfig(level=app.config['RP_LOGLEVEL'])
ldap = LDAPConn(app)
from fido2.server import RelyingParty
rp = RelyingParty(app.config['RP_HOST'], app.config['RP_NAME'])
from . import views
from . import filters
from . import models
from . import cli
# -*- coding: utf-8 -*- from flask_sqlalchemy import SQLAlchemy from flask_cors import CORS from flask_ldapconn import LDAPConn from flasgger import Swagger from flask_migrate import Migrate cors = CORS() ldap = LDAPConn() swagger = Swagger() db = SQLAlchemy() migrate = Migrate()
config['appconfig']['PREFERRED_URL_SCHEME'] = 'https'
if not 'ciphers' in config['ssl']:
config['ssl']['ciphers'] = 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
if not 'dh_params' in config['ssl']:
config['ssl']['dh_params'] = '/etc/cteward/dhparams.pem'
app = Flask(config['name'], template_folder='templates')
app.debug = config['debug']
app.secret_key = config['secret']
app.config.update(config['appconfig'])
if 'ldapconfig' in config:
app.config.update(config['ldapconfig'])
if not 'LDAP_VERIFY_SSL' in config['ldapconfig'] or config['ldapconfig']['LDAP_VERIFY_SSL']:
app.config.update({'LDAP_REQUIRE_CERT': ssl.CERT_REQUIRED})
ldap = LDAPConn(app)
db = SQLAlchemy(app)
oauth = OAuth2Provider(app)
if 'ssl' in config:
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
ssl_context.load_cert_chain(config['ssl']['certfile'],config['ssl']['keyfile'])
ssl_context.set_ciphers(config['ssl']['ciphers'])
ssl_context.options |= ssl.OP_CIPHER_SERVER_PREFERENCE
ssl_context.load_dh_params(config['ssl']['dh_params'])
# FIXME: missing OCSP stapling
# FIXME: disable SSL session tickets
else:
ssl_context = None
from six import text_type
from flask import Flask
from flask_redis import FlaskRedis
from flask_ldapconn import LDAPConn
app = Flask('lavatar')
app.config.from_object('lavatar.default_settings')
app.config.from_envvar('LAVATAR_SETTINGS', silent=True)
if not app.debug:
app.logger.addHandler(logging.StreamHandler())
app.logger.setLevel(logging.INFO)
redis_store = FlaskRedis(app)
ldap_conn = LDAPConn(app)
class User(ldap_conn.Entry):
base_dn = app.config['LDAP_USER_BASEDN']
object_class = app.config['LDAP_USER_OBJECTCLASS']
if isinstance(app.config['LDAP_USER_ATTR_MAIL'], str):
app.config['LDAP_USER_ATTR_MAIL'] = [app.config['LDAP_USER_ATTR_MAIL']]
mail = ldap_conn.Attribute(app.config['LDAP_USER_ATTR_MAIL'][0])
for i, attr in enumerate(app.config['LDAP_USER_ATTR_MAIL'][1:]):
exec("mail" + str(i) + "=ldap_conn.Attribute('" + attr + "')")
photo = ldap_conn.Attribute(app.config['LDAP_USER_ATTR_PHOTO'])
# md5sum thread
def update_md5db_thread():
