Compare commits

..

2 Commits

3 changed files with 22 additions and 12 deletions

View File

@ -41,17 +41,21 @@ def read_configuration(test_config):
update_dict(config, test_config)
def configure_app(app, test_config=None):
def configure_logger():
global config
read_configuration(test_config)
# Always enable this builtin plugins!
update_dict(config, {"auth": {"enabled": True}, "roles": {"enabled": True}, "users": {"enabled": True}})
# Read default config
logger_config = toml.load(_module_path / "logging.toml")
if "LOGGING" in config:
# Override with user config
update_dict(logger_config, config.get("LOGGING"))
# Check for shortcuts
if "level" in config["LOGGING"]:
logger_config["loggers"]["flaschengeist"] = {"level": config["LOGGING"]["level"]}
logger_config["handlers"]["console"]["level"] = config["LOGGING"]["level"]
logger_config["handlers"]["file"]["level"] = config["LOGGING"]["level"]
if not config["LOGGING"].get("console", True):
logger_config["handlers"]["console"]["level"] = "CRITICAL"
if "file" in config["LOGGING"]:
logger_config["root"]["handlers"].append("file")
logger_config["handlers"]["file"]["filename"] = config["LOGGING"]["file"]
@ -59,6 +63,14 @@ def configure_app(app, test_config=None):
path.parent.mkdir(parents=True, exist_ok=True)
logging.config.dictConfig(logger_config)
def configure_app(app, test_config=None):
global config
read_configuration(test_config)
# Always enable this builtin plugins!
update_dict(config, {"auth": {"enabled": True}, "roles": {"enabled": True}, "users": {"enabled": True}})
if "secret_key" not in config["FLASCHENGEIST"]:
logger.warning("No secret key was configured, please configure one for production systems!")
app.config["SECRET_KEY"] = "0a657b97ef546da90b2db91862ad4e29"

View File

@ -6,8 +6,7 @@ from typing import Optional
from flask_ldapconn import LDAPConn
from flask import current_app as app
from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
from ldap3 import SUBTREE, MODIFY_REPLACE, MODIFY_ADD, MODIFY_DELETE, HASHED_SALTED_SHA
from ldap3.utils.hashed import hashed
from ldap3 import SUBTREE, MODIFY_REPLACE, MODIFY_ADD, MODIFY_DELETE
from werkzeug.exceptions import BadRequest, InternalServerError, NotFound
from flaschengeist import logger
@ -30,7 +29,6 @@ class AuthLDAP(AuthPlugin):
LDAP_TLS_VERSION=ssl.PROTOCOL_TLS,
FORCE_ATTRIBUTE_VALUE_AS_LIST=True,
)
logger.warning(app.config.get("LDAP_USE_SSL"))
if "ca_cert" in config:
app.config["LDAP_CA_CERTS_FILE"] = config["ca_cert"]
else:
@ -242,7 +240,7 @@ class AuthLDAP(AuthPlugin):
password_hash = base64.b64encode(pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)).decode()
return f"{{PBKDF2-SHA512}}{rounds}${base64.b64encode(salt).decode()}${password_hash}"
else:
return hashed(HASHED_SALTED_SHA, password)
return f"{{SSHA}}{base64.b64encode(sha1(password.encode() + salt).digest() + salt)}"
def _get_groups(self, uid):
groups = []

View File

@ -33,9 +33,9 @@ setup(
scripts=["run_flaschengeist"],
python_requires=">=3.7",
install_requires=[
"Flask >= 1.1",
"Flask >= 2.0",
"toml",
"sqlalchemy>=1.4",
"sqlalchemy>=1.4.26",
"flask_sqlalchemy>=2.5",
"flask_cors",
"Pillow>=8.4.0",