dan
/
ti-pwa


								import ldap as l

								from ldap3 import Server, Connection, ALL, MODIFY_REPLACE

								from flask import Flask, g, request, session, redirect, url_for, render_template, send_from_directory

								from flask_simpleldap import LDAP

								from flask_bootstrap import Bootstrap

								import os

								from flask_cache_buster import CacheBuster


								app = Flask(__name__)

								Bootstrap(app)

								app.secret_key = 'asdf'

								app.debug = True


								# Base

								app.config['LDAP_REALM_NAME'] = 'OpenLDAP Authentication'

								app.config['LDAP_HOST'] = os.environ.get('LDAP_HOST')

								app.config['LDAP_BASE_DN'] = os.environ.get('LDAP_BASE_DN')

								app.config['LDAP_USERNAME'] = os.environ.get('LDAP_USERNAME')

								app.config['LDAP_PASSWORD'] = os.environ.get('LDAP_PASSWORD')


								# OpenLDAP

								app.config['LDAP_OBJECTS_DN'] = 'dn'

								app.config['LDAP_OPENLDAP'] = True

								app.config['LDAP_USER_OBJECT_FILTER'] = '(&(objectclass=posixAccount)(uid=%s))'


								ldap = LDAP(app)


								config = {

								     'extensions': ['.js', '.css', '.csv'],

								     'hash_size': 10

								}


								cache_buster = CacheBuster(config=config)

								cache_buster.register_cache_buster(app)


								server = Server(app.config['LDAP_HOST'])

								conn = Connection(server, app.config['LDAP_USERNAME'], app.config['LDAP_PASSWORD'], auto_bind=True)


								@app.before_request

								def before_request():

								    g.user = None

								    if 'user_id' in session:

								        # This is where you'd query your database to get the user info.

								        g.user = {}


								@app.route("/manifest.json")

								def manifest():

								    return send_from_directory('./', 'manifest.json')


								@app.route('/')

								@ldap.login_required

								def index():

								    user_dict = ldap.get_object_details(session['user_id'])


								    if 'user_id' in session:

								        user = {'dn': 'cn={},cn=usergroup,ou=users,dc=technicalincompetence,dc=club'.format(user_dict['cn'][0].decode('ascii')),

								                'firstName': user_dict['givenName'][0].decode('ascii'),

								                'lastName': user_dict['sn'][0].decode('ascii'),

								                'email': user_dict['mail'][0].decode('ascii'),

								                'userName': user_dict['uid'][0].decode('ascii'),

								        }


								    return render_template('home.j2')


								@app.route('/about')

								@ldap.login_required

								def about():

								    return render_template('about.j2')


								@app.route('/login', methods=['GET', 'POST'])

								def login():

								    if g.user:

								        return redirect(url_for('index'))

								    if request.method == 'POST':

								        user = request.form['user']

								        passwd = request.form['passwd']

								        test = ldap.bind_user(user, passwd)

								        if test is None or passwd == '':

								            return render_template('login.j2', error='Invalid credentials')

								        else:

								            session['user_id'] = request.form['user']

								            session['passwd'] = request.form['passwd']


								            return redirect('/')

								    return render_template('login.j2')


								@app.route('/logout')

								def logout():

								    session.pop('user_id', None)

								    return redirect(url_for('index'))


								if __name__ == '__main__':

								    app.run()