[Plugin] auth_* Fixed some minor issues

This commit is contained in:
Ferdinand Thiessen 2020-10-29 02:07:40 +01:00
parent 97b6d9d979
commit 50b6ac85ce
2 changed files with 4 additions and 3 deletions

View File

@ -1,6 +1,6 @@
import ssl import ssl
from ldap3.utils.hashed import hashed from ldap3.utils.hashed import hashed
from ldap3 import SUBTREE, MODIFY_REPLACE, HASHED_SALTED_SHA512, HASHED_SALTED_MD5 from ldap3 import SUBTREE, MODIFY_REPLACE, HASHED_SALTED_MD5
from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
from flask import current_app as app from flask import current_app as app
from flask_ldapconn import LDAPConn from flask_ldapconn import LDAPConn
@ -32,6 +32,7 @@ class AuthLDAP(AuthPlugin):
app.config["LDAP_SECRET"] = (config["SECRET"],) app.config["LDAP_SECRET"] = (config["SECRET"],)
self.ldap = LDAPConn(app) self.ldap = LDAPConn(app)
self.dn = config["BASEDN"] self.dn = config["BASEDN"]
# TODO: might not be set if modify is called
if "ADMIN_DN" in config: if "ADMIN_DN" in config:
self.admin_dn = config["ADMIN_DN"] self.admin_dn = config["ADMIN_DN"]
self.admin_secret = config["ADMIN_SECRET"] self.admin_secret = config["ADMIN_SECRET"]

View File

@ -26,11 +26,11 @@ def _verify_password(stored_password, provided_password):
class AuthPlain(AuthPlugin): class AuthPlain(AuthPlugin):
def login(self, user: User, password: str): def login(self, user: User, password: str):
if user.has_attribute("password"): if user.has_attribute("password"):
return _verify_password(user.get_attributes("password"), password) return _verify_password(user.get_attribute("password"), password)
return False return False
def modify_user(self, user, password, new_password=None): def modify_user(self, user, password, new_password=None):
if password is not None and not self.login(user, password): if password is not None and not self.login(user, password):
raise BadRequest raise BadRequest
if new_password: if new_password:
user.attributes["password"].value = _hash_password(new_password) user.set_attribute("password", _hash_password(new_password))