ti-pwa/app.py

import ldap as l
from ldap3 import Server, Connection, ALL, MODIFY_REPLACE
from flask import Flask, g, request, session, redirect, url_for, render_template, send_from_directory
from flask_simpleldap import LDAP
from flask_bootstrap import Bootstrap
import os
from flask_cache_buster import CacheBuster


app = Flask(__name__)
Bootstrap(app)
app.secret_key = 'asdf'
app.debug = True

# Base
app.config['LDAP_REALM_NAME'] = 'OpenLDAP Authentication'
app.config['LDAP_HOST'] = os.environ.get('LDAP_HOST')
app.config['LDAP_BASE_DN'] = os.environ.get('LDAP_BASE_DN')
app.config['LDAP_USERNAME'] = os.environ.get('LDAP_USERNAME')
app.config['LDAP_PASSWORD'] = os.environ.get('LDAP_PASSWORD')

# OpenLDAP 
app.config['LDAP_OBJECTS_DN'] = 'dn'
app.config['LDAP_OPENLDAP'] = True
app.config['LDAP_USER_OBJECT_FILTER'] = '(&(objectclass=posixAccount)(uid=%s))'

ldap = LDAP(app)

config = {
     'extensions': ['.js', '.css', '.csv'],
     'hash_size': 10
}

cache_buster = CacheBuster(config=config)
cache_buster.register_cache_buster(app)

server = Server(app.config['LDAP_HOST'])
conn = Connection(server, app.config['LDAP_USERNAME'], app.config['LDAP_PASSWORD'], auto_bind=True)

@app.before_request
def before_request():
    g.user = None
    if 'user_id' in session:
        # This is where you'd query your database to get the user info.
        g.user = {}


@app.route("/manifest.json")
def manifest():
    return send_from_directory('./', 'manifest.json')


@app.route('/')
@ldap.login_required
def index():
    user_dict = ldap.get_object_details(session['user_id'])

    if 'user_id' in session:
        user = {'dn': 'cn={},cn=usergroup,ou=users,dc=technicalincompetence,dc=club'.format(user_dict['cn'][0].decode('ascii')),
                'firstName': user_dict['givenName'][0].decode('ascii'),
                'lastName': user_dict['sn'][0].decode('ascii'),
                'email': user_dict['mail'][0].decode('ascii'),
                'userName': user_dict['uid'][0].decode('ascii'),
        }

    return render_template('home.j2')


@app.route('/about')
@ldap.login_required
def about():
    return render_template('about.j2')


@app.route('/login', methods=['GET', 'POST'])
def login():
    if g.user:
        return redirect(url_for('index'))
    if request.method == 'POST':
        user = request.form['user']
        passwd = request.form['passwd']
        test = ldap.bind_user(user, passwd)
        if test is None or passwd == '':
            return render_template('login.j2', error='Invalid credentials')
        else:
            session['user_id'] = request.form['user']
            session['passwd'] = request.form['passwd']

            return redirect('/')
    return render_template('login.j2')


@app.route('/logout')
def logout():
    session.pop('user_id', None)
    return redirect(url_for('index'))


if __name__ == '__main__':
    app.run()