2025-12-29 15:22:15 +05:30
|
|
|
from flask import Blueprint, render_template, request, redirect, url_for, flash, session
|
2026-02-17 15:49:15 +05:30
|
|
|
<<<<<<< HEAD
|
2026-02-17 15:25:57 +05:30
|
|
|
import os
|
2026-02-17 15:49:15 +05:30
|
|
|
=======
|
|
|
|
|
>>>>>>> b9a8b9c0a9c322c129ac50b3dec0ffb3c6d82a83
|
2025-12-29 15:22:15 +05:30
|
|
|
from functools import wraps
|
2026-02-14 17:32:30 +05:30
|
|
|
from ldap3 import Server, Connection, ALL
|
|
|
|
|
from ldap3.core.exceptions import LDAPException
|
|
|
|
|
|
2025-12-29 15:22:15 +05:30
|
|
|
|
|
|
|
|
class LoginAuth:
|
|
|
|
|
def __init__(self):
|
2026-02-14 17:32:30 +05:30
|
|
|
# Create Blueprint
|
2025-12-29 15:22:15 +05:30
|
|
|
self.bp = Blueprint("auth", __name__)
|
|
|
|
|
|
2026-02-14 17:32:30 +05:30
|
|
|
# -------------------------------
|
|
|
|
|
# LDAP CONFIGURATION
|
|
|
|
|
# -------------------------------
|
2026-02-17 15:49:15 +05:30
|
|
|
<<<<<<< HEAD
|
2026-02-17 15:25:57 +05:30
|
|
|
self.LDAP_SERVER = os.getenv(
|
|
|
|
|
"LDAP_SERVER",
|
|
|
|
|
"ldap://host.docker.internal:389"
|
|
|
|
|
)
|
2026-02-17 15:49:15 +05:30
|
|
|
=======
|
2026-02-13 15:16:35 +05:30
|
|
|
self.LDAP_SERVER = "ldap://localhost:389"
|
2026-02-17 15:49:15 +05:30
|
|
|
>>>>>>> b9a8b9c0a9c322c129ac50b3dec0ffb3c6d82a83
|
2026-02-14 17:32:30 +05:30
|
|
|
|
|
|
|
|
self.BASE_DN = "ou=users,dc=lcepl,dc=org" # LDAP Users DN
|
|
|
|
|
|
|
|
|
|
# -------------------------------
|
2025-12-29 15:22:15 +05:30
|
|
|
# LOGIN ROUTE
|
2026-02-14 17:32:30 +05:30
|
|
|
# -------------------------------
|
2025-12-29 15:22:15 +05:30
|
|
|
@self.bp.route('/login', methods=['GET', 'POST'])
|
|
|
|
|
def login():
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
|
username = request.form.get("username")
|
|
|
|
|
password = request.form.get("password")
|
2026-02-17 15:49:15 +05:30
|
|
|
<<<<<<< HEAD
|
2026-02-14 17:32:30 +05:30
|
|
|
if not username or not password:
|
|
|
|
|
flash("Username and password are required!", "danger")
|
|
|
|
|
return render_template("login.html")
|
|
|
|
|
user_dn = f"uid={username},{self.BASE_DN}"
|
|
|
|
|
server = Server(self.LDAP_SERVER, get_info=ALL)
|
2026-02-17 15:49:15 +05:30
|
|
|
=======
|
2025-12-29 15:22:15 +05:30
|
|
|
|
2026-02-13 15:16:35 +05:30
|
|
|
if not username or not password:
|
|
|
|
|
flash("Username and password are required!", "danger")
|
|
|
|
|
return render_template("login.html")
|
|
|
|
|
|
|
|
|
|
user_dn = f"uid={username},{self.BASE_DN}"
|
|
|
|
|
server = Server(self.LDAP_SERVER, get_info=ALL)
|
2025-12-29 15:22:15 +05:30
|
|
|
|
2026-02-17 15:49:15 +05:30
|
|
|
>>>>>>> b9a8b9c0a9c322c129ac50b3dec0ffb3c6d82a83
|
2026-02-14 17:32:30 +05:30
|
|
|
try:
|
|
|
|
|
# Attempt LDAP bind
|
|
|
|
|
conn = Connection(server, user=user_dn, password=password, auto_bind=True)
|
|
|
|
|
if conn.bound:
|
2026-02-17 15:49:15 +05:30
|
|
|
<<<<<<< HEAD
|
2026-02-17 15:25:57 +05:30
|
|
|
|
2026-02-17 15:49:15 +05:30
|
|
|
=======
|
|
|
|
|
>>>>>>> b9a8b9c0a9c322c129ac50b3dec0ffb3c6d82a83
|
2026-02-14 17:32:30 +05:30
|
|
|
session['user'] = username
|
|
|
|
|
flash(f"Login successful! Welcome {username}", "success")
|
|
|
|
|
return redirect(url_for('welcome'))
|
|
|
|
|
else:
|
|
|
|
|
flash("Invalid username or password!", "danger")
|
|
|
|
|
except LDAPException as e:
|
|
|
|
|
flash(f"LDAP login failed: {str(e)}", "danger")
|
|
|
|
|
finally:
|
|
|
|
|
if 'conn' in locals():
|
|
|
|
|
conn.unbind()
|
2026-02-17 15:49:15 +05:30
|
|
|
<<<<<<< HEAD
|
2026-02-14 17:32:30 +05:30
|
|
|
# GET request: show login form
|
2025-12-29 15:22:15 +05:30
|
|
|
return render_template("login.html")
|
|
|
|
|
|
2026-02-17 15:25:57 +05:30
|
|
|
|
|
|
|
|
# LOGIN ROUTE
|
|
|
|
|
# @self.bp.route('/login', methods=['GET', 'POST'])
|
|
|
|
|
# def login():
|
|
|
|
|
# if request.method == 'POST':
|
|
|
|
|
# username = request.form.get("username")
|
|
|
|
|
# password = request.form.get("password")
|
|
|
|
|
# # Dummy validation — REPLACE with DB check later
|
|
|
|
|
# if username == "admin" and password == "admin123":
|
|
|
|
|
# session['user'] = username
|
|
|
|
|
# flash("Login successful!", "success")
|
|
|
|
|
# return redirect(url_for('welcome'))
|
|
|
|
|
# else:
|
|
|
|
|
# flash("Invalid username or password!", "danger")
|
|
|
|
|
# return render_template("login.html")
|
|
|
|
|
|
|
|
|
|
|
2026-02-17 15:49:15 +05:30
|
|
|
=======
|
2026-02-13 15:16:35 +05:30
|
|
|
|
|
|
|
|
# GET request: show login form
|
2025-12-29 15:22:15 +05:30
|
|
|
return render_template("login.html")
|
|
|
|
|
|
2026-02-17 15:49:15 +05:30
|
|
|
>>>>>>> b9a8b9c0a9c322c129ac50b3dec0ffb3c6d82a83
|
2026-02-14 17:32:30 +05:30
|
|
|
# -------------------------------
|
2025-12-29 15:22:15 +05:30
|
|
|
# LOGOUT ROUTE
|
2026-02-14 17:32:30 +05:30
|
|
|
# -------------------------------
|
2025-12-29 15:22:15 +05:30
|
|
|
@self.bp.route('/logout')
|
|
|
|
|
def logout():
|
|
|
|
|
session.clear()
|
|
|
|
|
flash("Logged out successfully!", "success")
|
|
|
|
|
return redirect(url_for('auth.login'))
|
2026-02-14 17:32:30 +05:30
|
|
|
|
|
|
|
|
# ===================================================
|
|
|
|
|
# LOGIN REQUIRED DECORATOR INSIDE CLASS
|
2025-12-29 15:22:15 +05:30
|
|
|
# ===================================================
|
|
|
|
|
def login_required(self, f):
|
2026-02-14 17:32:30 +05:30
|
|
|
"""
|
|
|
|
|
Protect routes: redirect to login if user not authenticated.
|
|
|
|
|
"""
|
2025-12-29 15:22:15 +05:30
|
|
|
@wraps(f)
|
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
|
if "user" not in session:
|
|
|
|
|
flash("Please login first!", "danger")
|
|
|
|
|
return redirect(url_for("auth.login"))
|
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
|
return wrapper
|
