Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
main
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
zoe
main
Commits
cb5aeb6f
Commit
cb5aeb6f
authored
Jul 06, 2016
by
Daniele Venzano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add file-base user store so LDAP is not an hard dependency
parent
1b991efd
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
63 additions
and
1 deletion
+63
-1
.gitignore
.gitignore
+1
-0
zoe_api/auth/file.py
zoe_api/auth/file.py
+48
-0
zoe_api/web/utils.py
zoe_api/web/utils.py
+9
-1
zoe_lib/config.py
zoe_lib/config.py
+5
-0
No files found.
.gitignore
View file @
cb5aeb6f
...
...
@@ -60,3 +60,4 @@ target/
.idea/
state.zoe
/zoe*.conf
zoepass.csv
zoe_api/auth/file.py
0 → 100644
View file @
cb5aeb6f
# Copyright (c) 2016, Daniele Venzano
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Plain text file authentication module."""
import
csv
import
logging
import
os
import
zoe_api.auth.base
import
zoe_api.exceptions
from
zoe_lib.config
import
get_conf
log
=
logging
.
getLogger
(
__name__
)
class
PlainTextAuthenticator
(
zoe_api
.
auth
.
base
.
BaseAuthenticator
):
"""A basic plain text file authenticator."""
def
__init__
(
self
):
self
.
passwd_file
=
get_conf
().
auth_file
if
not
os
.
access
(
self
.
passwd_file
,
os
.
R_OK
):
raise
zoe_api
.
exceptions
.
ZoeNotFoundException
(
'Password file not found at: {}'
.
format
(
self
.
passwd_file
))
def
auth
(
self
,
username
,
password
):
"""Authenticate the user or raise an exception."""
with
open
(
self
.
passwd_file
,
"r"
)
as
passwd
:
passwd_reader
=
csv
.
reader
(
passwd
)
for
row
in
passwd_reader
:
if
len
(
row
)
!=
3
:
continue
file_username
=
row
[
0
]
file_password
=
row
[
1
]
file_role
=
row
[
2
]
if
file_username
==
username
and
file_password
==
password
:
return
username
,
file_role
raise
zoe_api
.
exceptions
.
ZoeAuthException
(
'Unknown user or password.'
)
zoe_api/web/utils.py
View file @
cb5aeb6f
...
...
@@ -19,7 +19,10 @@ import logging
from
flask
import
Response
,
render_template
from
zoe_lib.config
import
get_conf
from
zoe_api.auth.ldap
import
LDAPAuthenticator
from
zoe_api.auth.file
import
PlainTextAuthenticator
import
zoe_api.exceptions
log
=
logging
.
getLogger
(
__name__
)
...
...
@@ -62,7 +65,12 @@ def get_auth(request):
if
not
auth
:
raise
zoe_api
.
exceptions
.
ZoeAuthException
authenticator
=
LDAPAuthenticator
()
if
get_conf
().
auth_type
==
'text'
:
authenticator
=
PlainTextAuthenticator
()
elif
get_conf
().
auth_type
==
'ldap'
:
authenticator
=
LDAPAuthenticator
()
else
:
raise
zoe_api
.
exceptions
.
ZoeException
(
'Configuration error, unknown authentication method: {}'
.
format
(
get_conf
().
auth_type
))
uid
,
role
=
authenticator
.
auth
(
auth
.
username
,
auth
.
password
)
if
uid
is
None
:
raise
zoe_api
.
exceptions
.
ZoeAuthException
...
...
zoe_lib/config.py
View file @
cb5aeb6f
...
...
@@ -72,6 +72,11 @@ def load_configuration(test_conf=None):
argparser
.
add_argument
(
'--listen-port'
,
type
=
int
,
help
=
'Port to listen to for incoming connections'
,
default
=
5001
)
argparser
.
add_argument
(
'--master-url'
,
help
=
'URL of the Zoe master process'
,
default
=
'tcp://127.0.0.1:4850'
)
# API auth options
argparser
.
add_argument
(
'--auth-type'
,
help
=
'Authentication type (text or ldap)'
,
default
=
'text'
)
argparser
.
add_argument
(
'--auth-file'
,
help
=
'Path to the CSV file containing user,pass,role lines for text authentication'
,
default
=
'zoepass.csv'
)
argparser
.
add_argument
(
'--ldap-server-uri'
,
help
=
'LDAP server to use for authentication'
,
default
=
'ldap://localhost'
)
argparser
.
add_argument
(
'--ldap-base-dn'
,
help
=
'LDAP base DN for users'
,
default
=
'ou=something,dc=any,dc=local'
)
argparser
.
add_argument
(
'--ldap-admin-gid'
,
type
=
int
,
help
=
'LDAP group ID for admins'
,
default
=
5000
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment