- # -*- coding: utf-8 -*-
- from django.conf import settings
- from django.core.cache import cache
- from django.core.urlresolvers import reverse
- from django.http import HttpResponse,HttpResponseRedirect
- from django.shortcuts import render_to_response
- from django.contrib.auth import authenticate
- from LdapHRWebUI.hr.models import LdapObject
- from pumpkin import exceptions
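class User():
    """Minimal user object for the LDAP backend, persisted in Django's cache.

    The three values needed to re-bind to the directory (username, password
    and bind DN) are stored under the keys ``<id>-username``,
    ``<id>-password`` and ``<id>-dn``, where ``id`` is the username, with a
    lifetime of ``settings.AUTH_TIMEOUT``.

    NOTE(security): the password is written to the cache in cleartext because
    Backend.get_user() re-binds to LDAP with it on every load. Anyone able to
    read the cache backend can read these credentials, so the cache must be
    private to this application and not shared or exposed on the network.
    """
    backend = 'ldap'
    id = ''
    username = ""
    db = ""
    password = ""
    # Default so that save() on a user created without a DN does not raise
    # AttributeError.
    dn = ""

    def __init__(self, username=None, password=None, dn=None):
        """Store whichever of username, password and dn were supplied."""
        if username is not None:
            self.username = username
        if password is not None:
            self.password = password
        if dn is not None:
            self.dn = dn

    def _cache_keys(self, owner):
        """Return the (username, password, dn) cache keys for *owner*."""
        prefix = str(owner)
        return (prefix + '-username', prefix + '-password', prefix + '-dn')

    def save(self):
        """Write username, password and dn to the cache for AUTH_TIMEOUT."""
        self.id = self.username
        cache.set_many(
            {
                self.id + '-username': self.username,
                self.id + '-password': self.password,
                self.id + '-dn': self.dn,
            },
            settings.AUTH_TIMEOUT,
        )

    def load(self, user_id):
        """Populate this object from the cache entries stored for *user_id*.

        Raises:
            NameError: if any of the three cached values is missing, which
                is what happens once the entries have timed out.
        """
        name_key, password_key, dn_key = self._cache_keys(user_id)
        self.id = cache.get(name_key)
        self.username = self.id
        self.password = cache.get(password_key)
        self.dn = cache.get(dn_key)
        if (self.dn is None) or (self.password is None) or (self.username is None):
            raise NameError('Auth timeout error')
        # Re-save so the timeout restarts on every successful load.
        self.save()

    def drop(self, user_id):
        """Delete the cached credentials stored for *user_id*.

        The keys are derived from *user_id*. Deriving them from
        ``self.username`` meant that a freshly constructed ``User()`` (empty
        username) deleted nothing useful and left the cleartext password in
        the cache after logout. ``self.username`` is still used when
        *user_id* is empty.
        """
        owner = user_id if user_id else self.username
        self.id = owner
        cache.delete_many(list(self._cache_keys(owner)))

    def is_authenticated(self):
        """Always True: instances only exist for users that passed a bind."""
        return True

    def is_anonymous(self):
        """Always False, the counterpart of is_authenticated()."""
        return False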
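class Backend():
    """Django authentication backend that checks credentials with an LDAP bind."""

    def authenticate(self, username=None, password=None):
        """Bind to LDAP as *username* and return a cached User on success.

        A value containing a comma is used as the bind DN as-is; anything
        else is expanded to
        ``<LDAP_BIND_PARAM>=<username>,<LDAP_BIND_CATALOG>``.

        Returns:
            A saved User, or None when the credentials are empty or the
            directory rejects them (exceptions.InvalidAuth). Other errors
            raised by the bind are left to the caller.
        """
        # An LDAP simple bind with an empty password is an "unauthenticated
        # bind" (RFC 4513, section 5.1.2) that many servers report as
        # success, so empty credentials are refused before any bind happens.
        # This also avoids calling .split() on a missing username.
        if not username or not password:
            return None
        try:
            ldap_obj = LdapObject()
            if len(username.split(',')) > 1:
                # NOTE(review): a caller-supplied DN is bound without being
                # checked against settings.LDAP_BIND_CATALOG, so any entry in
                # the directory with a valid password can log in. Confirm
                # this is intended.
                dn = username
            else:
                # NOTE(review): username is concatenated into the DN without
                # RFC 4514 escaping ('+', '=', '"', '\\', '<', '>', ';'),
                # so such characters change the DN's structure. Escape or
                # reject them if usernames are not otherwise constrained.
                dn = settings.LDAP_BIND_PARAM + '=' + username + ',' + settings.LDAP_BIND_CATALOG
            ldap_obj.bind(dn, password)
        except exceptions.InvalidAuth:
            return None
        user = User(username, password, dn)
        user.save()
        return user

    def get_user(self, user_id):
        """Reload the cached User for *user_id* and re-verify it with a bind.

        Returns:
            The User, or None when the cache entries are gone or the bind
            fails for any reason.
        """
        user = User()
        try:
            user.load(user_id)
            ldap_obj = LdapObject()
            ldap_obj.bind(user.dn, user.password)
        except Exception:
            # Any failure means "no such user", but unlike a bare except
            # this lets SystemExit and KeyboardInterrupt propagate.
            return None
        return user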
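def _safe_next_url(candidate, fallback):
    """Return *candidate* if it is a same-site absolute path, else *fallback*.

    Only values that start with a single '/' are accepted. '//host' is
    rejected, as are backslashes and control characters, which browsers may
    normalise into a scheme-relative URL pointing at another site.
    """
    if not candidate:
        return fallback
    if not candidate.startswith('/') or candidate.startswith('//'):
        return fallback
    for ch in candidate:
        if ch == '\\' or ord(ch) < 0x20 or ord(ch) == 0x7f:
            return fallback
    return candidate


def login(request):
    """Render the login form on GET and authenticate against LDAP on POST.

    Already-authenticated users are redirected to 'index'. A POST must
    either carry 'nocookie' or pass the session test-cookie check. On
    success the user is redirected to the posted 'next' value.

    The 'next' value from GET and POST is request-controlled, so it is
    passed through _safe_next_url() and replaced by the 'index' URL unless
    it is a local path. Redirecting to it unchecked is an open redirect.

    NOTE(review): render_to_response is called without a RequestContext, so
    a {% csrf_token %} in hr/login.html would render empty. Confirm how CSRF
    protection is provided for this form.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(reverse('index'))

    if request.method == 'POST':
        skip_cookie_check = 'nocookie' in request.POST
        if not (skip_cookie_check or request.session.test_cookie_worked()):
            return HttpResponse("Пожалуйста проверьте настройки cookie в Вашем браузере.")
        if not skip_cookie_check:
            request.session.delete_test_cookie()

        # .get() turns a missing field into a normal "bad credentials"
        # answer instead of a server error. Empty values are refused here
        # as well, so an empty password never reaches an LDAP bind.
        username = request.POST.get('username')
        password = request.POST.get('password')
        if not username or not password:
            return HttpResponse("Неверные реквизиты доступа.")
        try:
            user = authenticate(username=username, password=password)
        except exceptions.ServerDown:
            return HttpResponse("Не удалось соединиться с сервером Ldap")
        if user is None:
            return HttpResponse("Неверные реквизиты доступа.")

        # Imported here under another name because this view is itself
        # called login.
        from django.contrib.auth import login as auth_login
        auth_login(request, user)
        return HttpResponseRedirect(_safe_next_url(request.POST.get('next'), reverse('index')))

    redirect_url = _safe_next_url(request.GET.get('next'), reverse('index'))
    request.session.set_test_cookie()
    return render_to_response('hr/login.html', {'form_action': reverse('login'), 'redirect_url': redirect_url})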
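def logout(request):
    """Drop the user's cached LDAP credentials, end the session, go to login.

    The User is built with the current username before drop() is called.
    drop() derives its cache keys from the instance's username, so calling
    it on an empty User() deleted no real entries and left the cleartext
    password in the cache until it timed out.
    """
    username = request.user.username
    user = User(username)
    user.drop(username)
    # Imported here under another name because this view is itself called
    # logout.
    from django.contrib.auth import logout as auth_logout
    auth_logout(request)
    return HttpResponseRedirect(reverse('login'))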