def authenticate(self, request, username=None, password=None): # check authentication with local database at first. user = User.objects.filter(username=username, authenticate_type=User.AUTH_TYPE_LOCAL, is_active=True).first() if user and user.check_password(password): return user elif user: # This is necessary not to send a request to check authentication even though # the specified user is in the local database. Logger.info("Failed to authenticate user(%s) in local" % username) return None if not hasattr(settings, "AUTH_CONFIG"): Logger.warn( '"AUTH_CONFIG" parameter is necessary in airone/settings.py') return None # If local authentication fails, check it with LDAP server. if self.is_authenticated(username, password): # This creates LDAP-authenticated user if necessary. Those of them who # authenticated by LDAP are distinguished by 'authenticate_type' parameter # of User object. (user, _) = User.objects.get_or_create( **{ "username": username, "authenticate_type": User.AUTH_TYPE_LDAP, }) else: Logger.info("Failed to authenticate user(%s) in LDAP" % username) return user
def authenticate(self, username=None, password=None): # check authentication with local database at first. user = User.objects.filter(username=username, authenticate_type=User.AUTH_TYPE_LOCAL, is_active=True).first() if user and user.check_password(password): return user elif user: # This is necessary not to send a request to check authentication even though # the specified user is in the local database. Logger.info('Failed to authenticate user(%s) in local' % username) return None if not hasattr(settings, 'AUTH_CONFIG'): Logger.warn( '"AUTH_CONFIG" parameter is necessary in airone/settings.py') return None # If local authentication fails, check it with LDAP server. try: user_dn = None with ldap3.Connection(CONF_LDAP['SERVER_ADDRESS'], auto_bind=True) as conn: if conn.search(search_base=CONF_LDAP['BASE_DN'], search_scope=ldap3.SUBTREE, search_filter=CONF_LDAP['SEARCH_FILTER'].format( username=username)): user_dn = conn.entries[0].entry_dn if user_dn: with ldap3.Connection(CONF_LDAP['SERVER_ADDRESS'], user=user_dn, password=password, auto_bind=True) as conn: # This creates LDAP-authenticated user if necessary. Those of them who # authenticated by LDAP are distinguished by 'authenticate_type' parameter # of User object. (user, _) = User.objects.update_or_create( **{ 'username': username, 'authenticate_type': User.AUTH_TYPE_LDAP, }) return user except ldap_exceptions.LDAPException as e: Logger.warn('Failed to authenticate user(%s) in LDAP server(%s)' % (username, e))
from django.conf.urls import url from airone.lib.log import Logger from group import views as group_views from user import views urlpatterns = [ url(r'^$', views.index, name='index'), url(r'^edit/(\d+)$', views.edit, name='edit'), url(r'^do_edit/(\d+)$', views.do_edit, name='do_edit'), url(r'^edit_passwd/(\d+)$', views.edit_passwd, name='edit_passwd'), url(r'^do_edit_passwd/(\d+)$', views.do_edit_passwd, name='do_edit_passwd'), url(r'^do_su_edit_passwd/(\d+)$', views.do_su_edit_passwd, name='do_su_edit_passwd'), url(r'^create$', views.create, name='create'), url(r'^do_create$', views.do_create, name='do_create'), url(r'^do_delete/(\d+)$', views.do_delete, name='do_delete'), url(r'^export/$', group_views.export, name='export'), ] try: from custom_view.user.urls import override_urlpatterns urlpatterns = override_urlpatterns(urlpatterns) except ImportError: Logger.info("There is no URL dispatcher of custom-view")
from airone.lib.log import Logger from . import views from .entity.urls import urlpatterns as entity_urlpatterns from .entry.urls import urlpatterns as entry_urlpatterns from .job.urls import urlpatterns as job_urlpatterns from .user import views as user_views urlpatterns = [ url(r"^user/access_token$", user_views.AccessTokenAPI.as_view()), url(r"^entity/", include(entity_urlpatterns)), url(r"^entry/", include(entry_urlpatterns)), url(r"^job/", include(job_urlpatterns)), ] # Custom view is prioritized to handle if it exists. try: from custom_view.api_v1.urls import urlpatterns as custom_patterns urlpatterns.append(url(r"^advanced/", include(custom_patterns))) except ImportError: Logger.info("advanced API endpoints are unavailable") try: from custom_view.api_v1 import views as custom_views urlpatterns.append(url(r"^entry$", custom_views.CustomEntryAPI.as_view())) except ImportError: urlpatterns.append(url(r"^entry$", views.EntryAPI.as_view()))
from django.conf.urls import url, include from . import views from .user import views as user_views from .entity.urls import urlpatterns as entity_urlpatterns from .entry.urls import urlpatterns as entry_urlpatterns from .job.urls import urlpatterns as job_urlpatterns from airone.lib.log import Logger urlpatterns = [ url(r'^user/access_token$', user_views.AccessTokenAPI.as_view()), url(r'^entity/', include(entity_urlpatterns)), url(r'^entry/', include(entry_urlpatterns)), url(r'^job/', include(job_urlpatterns)), ] # Custom view is prioritized to handle if it exists. try: from custom_view.api_v1.urls import urlpatterns as custom_patterns urlpatterns.append(url(r'^advanced/', include(custom_patterns))) except ImportError: Logger.info('advanced API endpoints are unavailable') try: from custom_view.api_v1 import views as custom_views urlpatterns.append(url(r'^entry$', custom_views.CustomEntryAPI.as_view())) except ImportError: urlpatterns.append(url(r'^entry$', views.EntryAPI.as_view()))
def check(self, msg=''): if self._is_enable(): AIRONE_LOGGER.info('(Profiling result: %fs) %s' % (time() - self.start_time, msg))