def user_add(): if app.config['LDAP_AUTH']: abort(404) error_fields = [] if current_user.username != 'admin': abort(403) if request.method == 'POST': username = request.form['username'].strip() if len(username) <= 2: error_fields.append('username') if len(username) > 8: error_fields.append('username') if not username.isalnum(): error_fields.append('username') if User.query.filter_by(username=username).count() > 0: error_fields.append('username') name = request.form['name'].strip() if len(name) <= 0: error_fields.append('name') email = request.form['email'].strip() if len(email) <= 3: error_fields.append('email') password = request.form['password'].strip() if len(password) <= 0: error_fields.append('password') # Create user if no errors if len(error_fields) <= 0: db.session.add(User(username, name, email)) db.session.commit() user = User.query.filter_by(username=username).first() user.set_password(password) db.session.commit() flash("User added.") return redirect(url_for('admin.users')) return render_template('admin/user_add.html', error_fields=error_fields)
def initdb(username, password): """Initialize the database.""" click.echo("Initialize the database...") db.create_all() dj = DJ(u"Automation", u"Automation", False) db.session.add(dj) db.session.commit() cats = [ Category(u"Events", u"events", True), Category(u"Music Adds", u"music-adds", True), Category(u"Programming", u"programming", True), Category(u"Updates", u"station-updates", True), Category(u"Woove", u"woove", True) ] for cat in cats: db.session.add(cat) # Create the first account click.echo("Create {0} user...".format(username)) user = User(unicode(username), unicode(username), u"{0}@localhost".format(username)) user.set_password(unicode(password)) db.session.add(user) # The first Rotation is always the default db.session.add(Rotation(u"None")) map( db.session.add, map(Rotation, [u"Metal", u"New Music", u"Jazz", u"Rock", u"Americana"])) db.session.commit() click.echo("Database initialized.")
def login(): errors = [] if 'username' in request.form: if app.config['LDAP_AUTH']: if len(request.form['password']) > 0: o = orthrus.Orthrus( ldap_uri=app.config['LDAP_URI'], user_template_dn=app.config['LDAP_AUTH_DN'], group_base_dn=app.config['LDAP_BASE_DN'], role_mapping={ 'admin': app.config['LDAP_GROUPS_ADMIN'], 'content': app.config['LDAP_GROUPS_CONTENT'], 'business': app.config['LDAP_GROUPS_BUSINESS'], 'library': app.config['LDAP_GROUPS_LIBRARY'], 'missioncontrol': app.config['LDAP_GROUPS_MISSIONCONTROL'], }, verify=app.config['LDAP_VERIFY']) try: r = o.authenticate(request.form['username'], request.form['password'], ['uid', 'cn', 'mail']) if r[0] is True: user = User.query.filter( User.username == r[1]['uid'][0]).first() if user is None: # create new user in the database, since one does # not already exist for this orthrus user user = User(r[1]['uid'][0], r[1]['cn'][0], r[1]['mail'][0]) db.session.add(user) db.session.commit() else: # update existing user data in database user.name = r[1]['cn'][0] user.email = r[1]['mail'][0] db.session.commit() login_user(user) session['username'] = user.username session['access'] = r[2] log_auth_success("orthrus", user.username, request) return redirect_back('admin.index') else: log_auth_failure("orthrus", request.form['username'], request) errors.append("Invalid username or password.") except Exception as e: app.logger.error("wuvt-site: orthrus: {}".format(e)) errors.append("Authentication backend error.") else: log_auth_failure("orthrus", request.form['username'], request) errors.append("Invalid username or password.") else: user = User.query.filter( User.username == request.form['username']).first() if user and user.check_password(request.form['password']): login_user(user) session['username'] = user.username session['access'] = [ 'admin', 'content', 'library', 'missioncontrol', 'business' ] log_auth_success("DB", user.username, request) return redirect_back('admin.index') else: log_auth_failure("DB", request.form['username'], request) errors.append("Invalid username or password.") return render_template('auth/login.html', next=request.values.get('next') or "", errors=errors)
from wuvt.trackman.models import DJ, Rotation from wuvt.models import User db.create_all() dj = DJ(u"Automation", u"Automation", False) db.session.add(dj) db.session.commit() cats = [ Category(u"Events", u"events", True), Category(u"Music Adds", u"music-adds", True), Category(u"Programming", u"programming", True), Category(u"Updates", u"station-updates", True), Category(u"Woove", u"woove", True) ] for cat in cats: db.session.add(cat) # There must be a user called 'admin'. This is hardcoded in everything to be the superuser. user = User(u"admin", u"admin", u"*****@*****.**") user.set_password(u"Password1!") db.session.add(user) # The first Rotation is always the default db.session.add(Rotation(u"None")) map(db.session.add, map(Rotation, [u"Metal", u"New Music", u"Jazz", u"Rock", u"Americana"])) db.session.commit()