diff --git a/www/conf/config.example.ini b/www/conf/config.example.ini index 8748096ad5dac32d6892feb03f2210b25054dfa6..cf6b5691fca6db839723e20886c385832a809cee 100644 --- a/www/conf/config.example.ini +++ b/www/conf/config.example.ini @@ -8,7 +8,7 @@ PW_RESET_TOKEN_LIFETIME = 5 [ldap] LDAP_HOST = ldap LDAP_BIND_DN = cn=admin,dc=warpzone,dc=ms -LDAP_PASSWORD = k7dAw8j2 +LDAP_PASSWORD = LDAP_USER_SEARCH_PATH = ou=users,dc=warpzone,dc=ms LDAP_GROUP_SEARCH_PATH = dc=warpzone,dc=ms @@ -18,5 +18,14 @@ LDAP_GROUP_IS_ACTIVE = cn=active,ou=groups,dc=warpzone,dc=ms LDAP_GROUP_IS_STAFF = cn=superuser,ou=groups,ou=warpauth,ou=infrastructure,dc=warpzone,dc=ms LDAP_GROUP_SUPERUSER = cn=superuser,ou=groups,ou=warpauth,ou=infrastructure,dc=warpzone,dc=ms +[email] +SMTP_HOST = smtp.warpzone.ms +SMTP_PORT = 25 +SMTP_USERNAME = noreply@warpzone.ms +SMTP_PASSWORD = +SMTP_EMAIL_FROM = noreply@warpzone.ms +SMTP_USE_TLS = True +SUBJECT_PREFIX = '[WarpInfra] ' + [misc] LOG_PATH = /var/log/ \ No newline at end of file diff --git a/www/web/warpauth/models.py b/www/web/warpauth/models.py index 65090caa6f9285ce830ddabd2aeb15f1a1f43912..18108bdf30dc15ce0f26473aaabffa1774885201 100644 --- a/www/web/warpauth/models.py +++ b/www/web/warpauth/models.py @@ -9,7 +9,9 @@ class PasswordResetToken(models.Model): email = models.CharField(max_length=100) hash = models.CharField(max_length=100) created = models.DateTimeField(auto_now_add=True) - + + def __str__(self): + return self.hash # LDAP @@ -22,7 +24,7 @@ class LdapUser(ldapdb.models.Model): last_name = CharField(db_column='sn', max_length=200) email = CharField(db_column='mail', max_length=200) cn = CharField(db_column='cn', max_length=200) - card_id = CharField(db_column='pager', max_length=200) + card_id = CharField(db_column='employeeNumber', max_length=200) uidNumber = CharField(db_column='uidNumber', max_length=200) gidNumber = CharField(db_column='gidNumber', max_length=200) homeDirectory = CharField(db_column='homeDirectory', max_length=200) 
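Review bot: Blanking `LDAP_PASSWORD` in the example file does not retire the value that was committed before; it stays readable in the repository history. If that string was ever the bind password for `cn=admin,dc=warpzone,dc=ms` on a real directory, it should be rotated. A comment above the key, such as `; set locally, never commit a real bind password`, would help keep it from coming back.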
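Review bot: `__str__` returning `self.hash` puts the password-reset token into every place the object is rendered as text, such as an admin list, a log line or a traceback. That token is what the `reset_password/<reset_hash>/` route accepts as proof of identity. A representation built from the non-secret fields serves the same purpose, e.g. `return "%s (%s)" % (self.email, self.created)`. Storing only a digest of the token in `hash` would be the more thorough fix, but that reaches beyond this hunk.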
diff --git a/www/web/warpauth/templates/warpauth/profile.html b/www/web/warpauth/templates/warpauth/profile.html index 5445ae78f93b7b7010746da21d2c4bd3c8029618..7d35d14b6c49725e3e3cfc552d4da2fc15bb06ff 100644 --- a/www/web/warpauth/templates/warpauth/profile.html +++ b/www/web/warpauth/templates/warpauth/profile.html @@ -26,5 +26,7 @@ </div> </div> </div> - +<script> +$('a[href="{{ selected_tab }}"]').tab('show'); +</script> {% endblock %} \ No newline at end of file diff --git a/www/web/warpauth/templates/warpauth/profile/change_password.html b/www/web/warpauth/templates/warpauth/profile/change_password.html index 6ede004e1177ac09c8148e5b47ab8307acf7a09b..f42f79e2d0ff08bb39cd4534d9453302e9442e71 100644 --- a/www/web/warpauth/templates/warpauth/profile/change_password.html +++ b/www/web/warpauth/templates/warpauth/profile/change_password.html @@ -2,9 +2,13 @@ <div> <br /> - {% if error %} - <div class="alert alert-danger">{{ error }}</div><br> + {% if error_passwd %} + <div class="alert alert-danger">{{ error_passwd }}</div><br> {% endif %} + {% if success_passwd %} + <div class="alert alert-success">{% trans "Password changed successfully" %}</div><br> + {% endif %} + <form class="form-horizontal" method="POST" action="/profile/change_password/" role="form"> {% csrf_token %} <div class="form-group"> diff --git a/www/web/warpauth/templates/warpauth/profile/information.html b/www/web/warpauth/templates/warpauth/profile/information.html index 438dc5eedb4466bad3776f3120bd2ef69713498f..4fd7fb1c03bdc48a8a5f318c533a5ff63d558b20 100644 --- a/www/web/warpauth/templates/warpauth/profile/information.html +++ b/www/web/warpauth/templates/warpauth/profile/information.html 
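Review bot: `{{ selected_tab }}` is emitted inside a `<script>` block and a jQuery selector string, where Django's HTML autoescaping is not the right encoding. The views in this commit only assign the constants `""` and `"#change_passwd"`, so nothing request-derived reaches it today, but the template should not depend on that: `$('a[href="{{ selected_tab|escapejs }}"]').tab('show');`. Wrapping the call in `{% if selected_tab %}` would also avoid running the selector with an empty `href`.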
@@ -2,10 +2,16 @@ {% load bootstrap %} <div> <br/> - <p class="lead">{% trans "Groups" %}</p><p /> + <p class="lead">{% trans "User data" %}</p><p /> <div class="panel panel-default"> <div class="panel-body"> + {% if error_info %} + <div class="alert alert-danger">{{ error_info }}</div><br> + {% endif %} + {% if success_info %} + <div class="alert alert-success">{% trans "Information changed successfully" %}</div><br> + {% endif %} <form class="form-horizontal" action="/profile/change_information/" method="POST" role="form"> {{ ldap_user_form | bootstrap_horizontal }} <div class="form-group"> @@ -18,7 +24,9 @@ </div> </div> <div class="panel panel-default"> + <div class="panel-body"> + <p class="lead">{% trans "Groups" %}</p><p /> <table class="table"> {% for ldap_group in ldap_groups %} <tr><td>{{ ldap_group }}</td></tr> diff --git a/www/web/warpauth/templates/warpauth/reset_password/change_password.html b/www/web/warpauth/templates/warpauth/reset_password/change_password.html index bd1fdd86d7de2ced74497947766ca9a7e085d88d..cdeb539aaa855eff01b07c9a5bb3e54193401548 100644 --- a/www/web/warpauth/templates/warpauth/reset_password/change_password.html +++ b/www/web/warpauth/templates/warpauth/reset_password/change_password.html @@ -8,7 +8,7 @@ <div class="alert alert-success"> {% trans "Your password was sucessfully changed. You will be redirected within 5 seconds. If not please click" %} <a href="/login">{% trans "here" %}</a> - <meta refresh> + <meta http-equiv="refresh" content="5; url=/login"> </div> {% else %} <form class="form" style="max-width: 330px; margin: 0 auto; padding: 40px"> diff --git a/www/web/warpauth/templates/warpauth/reset_password/token_gen.html b/www/web/warpauth/templates/warpauth/reset_password/token_gen.html index b38577f3aa619badde49ae422c8b1c0c010a5856..c4c521b77351db0ebffd08d1cddb56ca3b6d1356 100644 --- a/www/web/warpauth/templates/warpauth/reset_password/token_gen.html 
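Review bot: No `{% csrf_token %}` is visible between the `<form ... action="/profile/change_information/" method="POST">` tag and `{{ ldap_user_form | bootstrap_horizontal }}`, whereas the password form in `profile/change_password.html` carries one directly after its form tag. The form continues outside this hunk, so the tag may sit further down. If it does not, the POST is either rejected by the CSRF middleware or, with the middleware off, the profile fields (now including `card_id`) can be changed by a cross-site request. Adding `{% csrf_token %}` as the first line inside the form keeps the two profile forms consistent.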
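Review bot: The `<form class="form" style="...">` tag at the end of the `reset_password/change_password.html` hunk has no `method` attribute, so a plain submit defaults to GET. If this form carries the new-password fields and nothing outside the hunk overrides the method, the password ends up in the URL, and from there in server logs and browser history. Stating `method="POST"` on the tag and placing `{% csrf_token %}` directly after it removes the doubt. The same bare tag appears in `reset_password/token_gen.html`; the rest of both forms is outside the visible hunks.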
+++ b/www/web/warpauth/templates/warpauth/reset_password/token_gen.html @@ -3,10 +3,11 @@ {% block title %}{% trans "Reset Password" %}{% endblock %} {% block content %} {% if request.POST %} - <h2 class="form-signin-heading">{% trans "If your information were right, you've got an Email" %}</h2> - - Token is: <a href="{{ debug }}">{{ debug }}</a> - + {% if error %} + <div class="alert alert-danger">{{ error }}</div><br> + {% else %} + <div class="alert alert-success">{% trans "If your information were right, you've got an Email" %}</div><br> + {% endif %} {% else %} <form class="form" style="max-width: 330px; margin: 0 auto; padding: 40px"> {% csrf_token %} diff --git a/www/web/warpauth/urls.py b/www/web/warpauth/urls.py index c7b5d79a2c18dc7f496d159854e6a3c166a1ad52..1bec8cad1af8cb8bdb0f001a4e1ab77503667f19 100644 --- a/www/web/warpauth/urls.py +++ b/www/web/warpauth/urls.py @@ -13,7 +13,7 @@ urlpatterns = [ url(r'^register/$', register.register, name='index'), url(r'^reset_password/$', reset_password.gen_token, name='index'), -# url(r'^reset_password/(?P<reset_hash>\w+)/$', reset_password.change_password, name='index'), + url(r'^reset_password/(?P<reset_hash>\w+)/$', reset_password.change_password, name='index'), url(r'^profile/$', profile.index, name='index'), url(r'^profile/change_password/$', profile.change_password, name='change_password'), diff --git a/www/web/warpauth/views/profile.py b/www/web/warpauth/views/profile.py index fb099d5ae5e9f627c34a6f5dcdc91ce190bea72c..dc9aab87551f249d15ae048947ad37356ebca648 100644 --- a/www/web/warpauth/views/profile.py +++ b/www/web/warpauth/views/profile.py 
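Review bot: The new `{% if error %}` branch gives this page two distinguishable answers, and in `gen_token` (views/reset_password.py in this commit) `pages["error"]` is only set after `LdapUser.objects.get(...)` has succeeded. A failed mail delivery therefore confirms to the requester that the username exists, which the neutral "If your information were right" message is there to avoid. Showing the neutral message in both cases and recording the delivery failure server-side keeps the response uniform.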
@@ -14,10 +14,21 @@ import logging # ToDo: first- and lastname, email, public? ## + +def setUserObject(request): + pages['ldap_groups'] = request.user.ldap_user.group_names + pages['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user))) + +def clear_error_messages(): + pages["error_info"] = "" + pages["success_info"] = False + pages["error_passwd"] = "" + pages["success_passwd"] = False + pages["selected_tab"]="" + @login_required(login_url='/login/', redirect_field_name=None) def index(request): - pages["error"] = "" - pages["success"] = False + clear_error_messages() pages['ldap_groups'] = request.user.ldap_user.group_names pages['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user))) return HttpResponse(render(request, 'warpauth/profile.html', pages)) @@ -25,7 +36,8 @@ def index(request): @login_required(login_url='/login/', redirect_field_name=None) def change_information(request): - pages["error"] = "" + clear_error_messages() + setUserObject(request) if request.method != 'POST': return redirect("/profile") @@ -33,13 +45,13 @@ def change_information(request): first_name = request.POST["first_name"] last_name = request.POST["last_name"] email = request.POST["email"] - + card_id = request.POST["card_id"] f = forms.EmailField() try: f.clean(email) except ValidationError as e: - pages["error"] = "Invalid Email" - return redirect("/profile") + pages["error_info"] = "Invalid Email" + return HttpResponse(render(request, 'warpauth/profile.html', pages)) cn = first_name + " " + last_name cn = cn.strip() if first_name == "": 
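Review bot: `clear_error_messages()` and `setUserObject()` write into `pages` without receiving or creating it, so it is presumably a module-level dict shared by every request the worker process serves. With more than one thread, one user's `ldap_user_form`, `ldap_groups` or success/error flags can be rendered into another user's response. Building a fresh context per request, e.g. `ctx = dict(pages)` at the top of each view and passing `ctx` to `render`, removes the shared state. `index()` also still repeats the two assignments that `setUserObject()` now holds and could call it instead.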
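Review bot: `card_id = request.POST["card_id"]` takes the value straight from the request, and in the following hunk `user.card_id=card_id` saves it to the LDAP attribute `employeeNumber` without any check. Any logged-in user can therefore set an arbitrary card id, including one already assigned to someone else. If the attribute identifies a physical card, it needs a format and uniqueness check here or should be editable by staff only. The direct index also raises when the key is absent; `request.POST.get("card_id", "")` combined with validation through the existing `LdapUserForm` would be the safer shape. The body of `change_information` continues outside this hunk.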
@@ -48,32 +60,38 @@ def change_information(request): last_name = "None" if cn == "": cn = "None" + user.first_name = first_name user.last_name = last_name user.cn = cn user.email = email + user.card_id=card_id user.save() - return redirect("/profile") + pages["success_info"] = True + setUserObject(request) + return HttpResponse(render(request, 'warpauth/profile.html', pages)) @login_required(login_url='/login/', redirect_field_name=None) def change_password(request): - pages["error"] = "" - pages["success"] = False - + clear_error_messages() + pages["selected_tab"]="#change_passwd" if request.method != 'POST': - return redirect("/") - - if "old_pw" not in request.POST or "new_pw" not in request.POST or "new_pw_confirm" not in request.POST: - pages["error"] = "Please fill in all fields" + return redirect("/profile") + print("old_pw" == "") + if request.POST["old_pw"] == "" or request.POST["new_pw"] == "" or request.POST["new_pw_confirm"] == "": + pages["error_passwd"] = "Please fill in all fields" elif request.POST["new_pw"] != request.POST["new_pw_confirm"]: - pages["error"] = "Password confirmation did not match" + pages["error_passwd"] = "Password confirmation did not match" else: ldap_connector = LDAPConnector() - ret = ldap_connector.change_password(request.user.ldap_user.dn, request.POST["old_pw"], request.POST["new_pw"]) + ret = ldap_connector.change_user_password(request.user.ldap_user.dn, request.POST["old_pw"], request.POST["new_pw"]) if ret == -1: - pages["error"] = "Old password did not match" + pages["error_passwd"] = "Old password did not match" else: - pages["success"] = True + pages["success_passwd"] = True + pages['ldap_groups'] = request.user.ldap_user.group_names + pages['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user))) return HttpResponse(render(request, 'warpauth/profile.html', pages)) + 
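Review bot: `print("old_pw" == "")` compares two string literals, always prints `False`, and looks like a debugging leftover that should be removed. The rewritten check indexes `request.POST["old_pw"]`, `["new_pw"]` and `["new_pw_confirm"]` directly, so a POST that omits one of them now raises instead of reaching the "Please fill in all fields" message that the removed `not in` test produced. `request.POST.get("old_pw", "") == ""`, and likewise for the other two keys, covers both the missing and the empty case.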
diff --git a/www/web/warpauth/views/reset_password.py b/www/web/warpauth/views/reset_password.py index 9e903884435921677adfac3171c6c78f2edfa7d3..7dad01c081f15f1ed10acd716b62b0233833dd34 100644 --- a/www/web/warpauth/views/reset_password.py +++ b/www/web/warpauth/views/reset_password.py @@ -7,6 +7,7 @@ from django.core.exceptions import ObjectDoesNotExist, ValidationError from django.http import HttpResponse from django.shortcuts import render from warpauth.ldap_connector import LDAPConnector +from warpzone.utils import send_email from warpauth.util import * from warpauth.models import PasswordResetToken, LdapUser @@ -21,6 +22,7 @@ from warpzone.settings import PW_RESET_TOKEN_LIFETIME def gen_token(request): logger = logging.getLogger("reset_password") + pages["error"] = "" if request.POST: try: usr = LdapUser.objects.get(uid=request.POST["username"]) @@ -30,7 +32,9 @@ def gen_token(request): p.email = usr.email p.hash = hashlib.sha1(os.urandom(128)).hexdigest() p.save() - pages["debug"] = "http://localhost/reset_password/%s" % p.hash + ret = send_email(p.email, "Requested Password Reset", "http://localhost/reset_password/%s" % p.hash) + if not ret: + pages["error"] = "Error while sending the email. Please contact the administrator." logger.info("Success for %s", usr.uid) except Exception as e: print(e) 
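Review bot: The mailed link is built from the literal `"http://localhost/reset_password/%s"`, so outside a developer machine the recipient gets a link that does not reach the service, and the token would travel over plain HTTP. The base URL should come from configuration rather than from the request's Host header, for example a new key read in settings.py and used as `"%s/reset_password/%s" % (base_url, p.hash)` with an `https://` value (`base_url` stands for that new setting). `except Exception as e: print(e)` just below would also be better as `logger.exception(...)`, since `logger` is already in scope.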
@@ -42,19 +46,14 @@ def gen_token(request): # # Function to change user password with a reset Token # ToDo: Implement Email after password change -# ToDo: Implement automatic redirection if succeeded in template # def change_password(request, reset_hash=None): - # logger = logging.getLogger("reset_password") - # Debug - for pw in PasswordResetToken.objects.all(): - print(pw.hash) - # + pages["token_error"] = False try: pw_reset_token = PasswordResetToken.objects.get(hash=reset_hash) time_difference = datetime.datetime.now() - pw_reset_token.created - if time_difference.seconds/60 > PW_RESET_TOKEN_LIFETIME: + if time_difference.seconds/60 > int(PW_RESET_TOKEN_LIFETIME): pw_reset_token.delete() raise ValidationError("Token not valid") @@ -72,7 +71,5 @@ def change_password(request, reset_hash=None): except (ObjectDoesNotExist, ValidationError) as e: print(e) pages["token_error"] = True - except Exception as e: - print(e) return HttpResponse(render(request, 'warpauth/reset_password/change_password.html', pages)) diff --git a/www/web/warpzone/settings.py b/www/web/warpzone/settings.py index c669ff6d785170dcb542a199a69062c6c34b47a2..508d25b576d0acbf673bd135ba9e28a8111eb177 100644 --- a/www/web/warpzone/settings.py +++ b/www/web/warpzone/settings.py 
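Review bot: `time_difference.seconds/60` reads only the seconds component of the timedelta and ignores `.days`, so a token that is one day and two minutes old yields 2 and passes the lifetime check. With the example lifetime of 5, an unused token becomes valid again for five minutes every 24 hours. The comparison should use the full duration: `if time_difference.total_seconds() / 60 > int(PW_RESET_TOKEN_LIFETIME):`. `datetime.datetime.now()` is naive, so if `USE_TZ` is enabled the subtraction from `created` would raise; `django.utils.timezone.now()` handles both cases and is worth confirming against settings. The part of `change_password` between the two hunks is not visible here.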
@@ -25,6 +25,15 @@ LDAP_GROUP_IS_ACTIVE = config.get('ldap','LDAP_GROUP_IS_ACTIVE') LDAP_GROUP_IS_STAFF = config.get('ldap','LDAP_GROUP_IS_STAFF') LDAP_GROUP_SUPERUSER = config.get('ldap','LDAP_GROUP_SUPERUSER') +# SMTP +EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' +EMAIL_HOST = config.get('email','SMTP_HOST') +EMAIL_HOST_USER = config.get('email','SMTP_USERNAME') +EMAIL_FROM = config.get('email','SMTP_EMAIL_FROM') +EMAIL_HOST_PASSWORD = config.get('email','SMTP_PASSWORD') +EMAIL_USE_TLS = config.get('email','SMTP_USE_TLS') +EMAIL_SUBJECT_PREFIX = config.get('email','SUBJECT_PREFIX') + # SECURITY PW_RESET_TOKEN_LIFETIME = config.get('security','PW_RESET_TOKEN_LIFETIME') SECRET_KEY = config.get('security','SECRET_KEY') @@ -53,7 +62,7 @@ INSTALLED_APPS = ( # WARPPAY 'rest_framework', 'rest_framework.authtoken', - # 'warppay' + 'warppay' ) MIDDLEWARE_CLASSES = ( @@ -97,7 +106,7 @@ LOCALE_PATHS = ( DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', - 'NAME': '/opt/database/warpzone.db' + 'NAME': 'warpzone.db' }, 'ldap': { 'ENGINE': 'ldapdb.backends.ldap', diff --git a/www/web/warpzone/utils.py b/www/web/warpzone/utils.py new file mode 100644 index 0000000000000000000000000000000000000000..88962dcf355554ce44c9c44564266a4ed877f3ae --- /dev/null +++ b/www/web/warpzone/utils.py @@ -0,0 +1,17 @@ +from django.core.mail import send_mail +from django.conf import settings + +def send_email(to_address, subject, content): + try: + send_mail( + '[WarpInfra] %s' % subject, + content, + settings.EMAIL_FROM, + [to_address], + fail_silently=False, + ) + return True + except Exception as e: + print(e) + + return False \ No newline at end of file
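Review bot: `EMAIL_USE_TLS = config.get('email','SMTP_USE_TLS')` yields a string, and any non-empty string, including `False`, is truthy, so the config file cannot actually switch the flag. Assuming `config` is a ConfigParser, `config.getboolean('email','SMTP_USE_TLS')` gives a real boolean. `SMTP_PORT` from the new `[email]` section is never read, so Django stays on its default port; `EMAIL_PORT = config.getint('email','SMTP_PORT')` would wire it up. The example value `SUBJECT_PREFIX = '[WarpInfra] '` will probably keep its quote characters when read this way, and `send_email` in warpzone/utils.py hard-codes the prefix instead of using `EMAIL_SUBJECT_PREFIX`.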
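Review bot: `'NAME': 'warpzone.db'` is a relative path, so SQLite opens or creates the file in whatever directory the process was started from. This database presumably holds the `PasswordResetToken` rows, and a copy landing inside the project or web root is easier to expose or lose than the previous fixed location. If the change is meant for local development only, reading the path from the config file, as the other settings already are, keeps the deployed default at an absolute path.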
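Review bot: `send_email` reports failures with `print(e)`, which drops the traceback and ends up wherever stdout happens to go. With `import logging` at the top, `logging.getLogger(__name__).exception("sending mail failed")` keeps the failure in the configured log. The function also has no docstring; one line stating that it returns `True` on success and `False` on any exception would document the contract `gen_token` relies on.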