flaschengeist/geruecht/controller/mainController/mainPasswordReset.py

from geruecht import ldap, ldapConfig, getDebugLogger
import geruecht.controller.emailController as ec
from ldap3.utils.hashed import hashed
from ldap3 import HASHED_SALTED_MD5, MODIFY_REPLACE
import string
import random

emailController = ec.EmailController()
debug = getDebugLogger()

def randomString(stringLength=8):
    letters = string.ascii_letters + string.digits
    return ''.join(random.choice(letters) for i in range(stringLength))

class Base:
    def resetPassword(self, data):
        debug.info("forgot password {{ {} }}".format(data))
        adminConn = ldap.connect(ldapConfig['ADMIN_DN'], ldapConfig['ADMIN_SECRET'])
        if 'username' in data:
            search = 'uid={}'.format(data['username'].lower())
        elif 'mail' in data:
            search = 'mail={}'.format(data['mail'].lower())
        else:
            debug.error("username or mail not set")
            raise Exception('username or mail not set')
        adminConn.search(ldapConfig['USER_DN'], '(&(objectClass=person)({}))'.format(search),
                         attributes=['cn', 'sn', 'givenName', 'uid', 'mail'])
        for user in adminConn.response:
            user_dn = user['dn']
            uid = user['attributes']['uid'][0]
            mail = user['attributes']['mail'][0]
            mody = {}
            password = randomString()
            salted_password = hashed(HASHED_SALTED_MD5, password)
            mody['userPassword'] = [(MODIFY_REPLACE, [salted_password])]
            debug.info("reset password for {{ {} }}".format(user_dn))
            adminConn.modify(user_dn, mody)
            emailController.sendMail(self.getUser(uid), type='passwordReset', password=password)
            return mail
passwordreset hinzugefügt und gitignore verbessert 2020-06-28 10:31:58 +00:00			`from geruecht import ldap, ldapConfig, getDebugLogger`
			`import geruecht.controller.emailController as ec`
			`from ldap3.utils.hashed import hashed`
			`from ldap3 import HASHED_SALTED_MD5, MODIFY_REPLACE`
			`import string`
			`import random`

			`emailController = ec.EmailController()`
			`debug = getDebugLogger()`

			`def randomString(stringLength=8):`
			`letters = string.ascii_letters + string.digits`
			`return ''.join(random.choice(letters) for i in range(stringLength))`

			`class Base:`
			`def resetPassword(self, data):`
			`debug.info("forgot password {{ {} }}".format(data))`
			`adminConn = ldap.connect(ldapConfig['ADMIN_DN'], ldapConfig['ADMIN_SECRET'])`
			`if 'username' in data:`
			`search = 'uid={}'.format(data['username'].lower())`
			`elif 'mail' in data:`
			`search = 'mail={}'.format(data['mail'].lower())`
			`else:`
			`debug.error("username or mail not set")`
			`raise Exception('username or mail not set')`
			`adminConn.search(ldapConfig['USER_DN'], '(&(objectClass=person)({}))'.format(search),`
			`attributes=['cn', 'sn', 'givenName', 'uid', 'mail'])`
			`for user in adminConn.response:`
			`user_dn = user['dn']`
			`uid = user['attributes']['uid'][0]`
			`mail = user['attributes']['mail'][0]`
			`mody = {}`
			`password = randomString()`
			`salted_password = hashed(HASHED_SALTED_MD5, password)`
			`mody['userPassword'] = [(MODIFY_REPLACE, [salted_password])]`
			`debug.info("reset password for {{ {} }}".format(user_dn))`
			`adminConn.modify(user_dn, mody)`
			`emailController.sendMail(self.getUser(uid), type='passwordReset', password=password)`
			`return mail`