mgoetz/ldap_account_manager
Archived
2
2
Fork 0
Code Issues 9 Pull Requests Releases 2 Wiki Activity

Implement duplicate user protection

Browse Source
This commit is contained in:
Götz 2019-04-11 16:20:40 +02:00
parent 1ceaae4976
commit ca070aa24a
1 changed files with 31 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
account_manager/models.py
View File

@ -12,6 +12,8 @@ from ldapdb.models.base import Model
from core.settings import PASSWORD_RESET_TIMEOUT_DAYS from core.settings import PASSWORD_RESET_TIMEOUT_DAYS
from account_manager.utils.mail_utils import realm_send_mail from account_manager.utils.mail_utils import realm_send_mail
from multiprocessing import Process from multiprocessing import Process
from ldap import NO_SUCH_OBJECT, ALREADY_EXISTS
from django.core.exceptions import ObjectDoesNotExist
class LdapUser(Model): class LdapUser(Model):
@ -42,22 +44,26 @@ class LdapUser(Model):
@staticmethod @staticmethod
def create_with_django_user_creation_and_welcome_mail(realm, protocol, domain, username, email): def create_with_django_user_creation_and_welcome_mail(realm, protocol, domain, username, email):
ldap_user = LdapUser.objects.create(username=username, email=email, first_name=" ", last_name=" ") if not LdapUser.is_user_duplicate(username):
user, _ = User.objects.get_or_create(username=username, email=email) LdapUser.base_dn = f'ou=people, {realm.ldap_base_dn}'
mail_subject = 'Activate your blog account.' ldap_user = LdapUser.objects.create(username=username, email=email, first_name=" ", last_name=" ")
message = render_to_string('registration/welcome_email.jinja2', { user, _ = User.objects.get_or_create(username=username, email=email)
'user': user, mail_subject = 'Activate your blog account.'
'domain': domain, message = render_to_string('registration/welcome_email.jinja2', {
'uid': urlsafe_base64_encode(force_bytes(user.pk)).decode(), 'user': user,
'token': default_token_generator.make_token(user=user), 'domain': domain,
'protocol': protocol, 'uid': urlsafe_base64_encode(force_bytes(user.pk)).decode(),
'email': email, 'token': default_token_generator.make_token(user=user),
'expiration_days': PASSWORD_RESET_TIMEOUT_DAYS 'protocol': protocol,
}) 'email': email,
# TODO failure handling 'expiration_days': PASSWORD_RESET_TIMEOUT_DAYS
p1 = Process(target=realm_send_mail, args=(realm, user.email, mail_subject, message)) })
p1.start() # TODO failure handling
return ldap_user p1 = Process(target=realm_send_mail, args=(realm, user.email, mail_subject, message))
p1.start()
return ldap_user
else:
raise ALREADY_EXISTS('User already exists')
@staticmethod @staticmethod
def password_reset(user, raw_password): def password_reset(user, raw_password):
@ -67,6 +73,15 @@ class LdapUser(Model):
LdapUser.base_dn = re.compile('(uid=[a-zA-Z0-9_]*),(.*)').match(ldap_user.dn).group(2) LdapUser.base_dn = re.compile('(uid=[a-zA-Z0-9_]*),(.*)').match(ldap_user.dn).group(2)
ldap_user.save() ldap_user.save()
@staticmethod
def is_user_duplicate(username):
LdapUser.base_dn = LdapUser.ROOT_DN
try:
LdapUser.objects.get(username=username)
return True
except (NO_SUCH_OBJECT, ObjectDoesNotExist) as err:
return False
class LdapGroup(Model): class LdapGroup(Model):
""" """