2025-12-29 15:22:15 +05:30
|
|
|
from flask import Blueprint, render_template, request, redirect, url_for, flash, session
|
2026-02-18 18:00:20 +05:30
|
|
|
import os
|
2025-12-29 15:22:15 +05:30
|
|
|
from functools import wraps
|
2026-02-14 17:32:30 +05:30
|
|
|
from ldap3 import Server, Connection, ALL
|
|
|
|
|
from ldap3.core.exceptions import LDAPException
|
|
|
|
|
|
2025-12-29 15:22:15 +05:30
|
|
|
|
|
|
|
|
class LoginAuth:
|
|
|
|
|
def __init__(self):
|
2026-02-14 17:32:30 +05:30
|
|
|
# Create Blueprint
|
2025-12-29 15:22:15 +05:30
|
|
|
self.bp = Blueprint("auth", __name__)
|
|
|
|
|
|
2026-02-18 18:00:20 +05:30
|
|
|
# LDAP CONFIG
|
|
|
|
|
self.LDAP_SERVER = os.getenv("LDAP_SERVER", "ldap://host.docker.internal:389")
|
|
|
|
|
self.BASE_DN = "ou=users,dc=lcepl,dc=org"
|
2026-02-14 17:32:30 +05:30
|
|
|
|
2026-02-18 18:00:20 +05:30
|
|
|
# Register Routes
|
|
|
|
|
self.bp.add_url_rule("/login", view_func=self.login, methods=["GET", "POST"])
|
|
|
|
|
self.bp.add_url_rule("/logout", view_func=self.logout)
|
2026-02-17 16:54:43 +05:30
|
|
|
|
2026-02-18 18:00:20 +05:30
|
|
|
# ================= LOGIN =================
|
|
|
|
|
def login(self):
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
username = request.form.get("username")
|
|
|
|
|
password = request.form.get("password")
|
2026-02-17 16:54:43 +05:30
|
|
|
|
2026-02-18 18:00:20 +05:30
|
|
|
if not username or not password:
|
|
|
|
|
flash("Username and password are required!", "danger")
|
|
|
|
|
return render_template("login.html")
|
|
|
|
|
|
|
|
|
|
user_dn = f"uid={username},{self.BASE_DN}"
|
|
|
|
|
server = Server(self.LDAP_SERVER, get_info=ALL)
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
conn = Connection(server, user=user_dn, password=password, auto_bind=True)
|
|
|
|
|
|
|
|
|
|
if conn.bound:
|
|
|
|
|
session["user"] = username
|
|
|
|
|
flash(f"Login successful! Welcome {username}", "success")
|
|
|
|
|
conn.unbind()
|
|
|
|
|
return redirect(url_for("welcome"))
|
2026-02-17 16:54:43 +05:30
|
|
|
else:
|
|
|
|
|
flash("Invalid username or password!", "danger")
|
2026-02-14 17:32:30 +05:30
|
|
|
|
2026-02-18 18:00:20 +05:30
|
|
|
except LDAPException as e:
|
|
|
|
|
flash(f"LDAP login failed: {str(e)}", "danger")
|
|
|
|
|
|
|
|
|
|
return render_template("login.html")
|
|
|
|
|
|
|
|
|
|
# ================= LOGOUT =================
|
|
|
|
|
def logout(self):
|
|
|
|
|
session.clear()
|
|
|
|
|
flash("Logged out successfully!", "success")
|
|
|
|
|
return redirect(url_for("auth.login"))
|
|
|
|
|
|
|
|
|
|
# ================= LOGIN REQUIRED =================
|
2025-12-29 15:22:15 +05:30
|
|
|
def login_required(self, f):
|
|
|
|
|
@wraps(f)
|
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
|
if "user" not in session:
|
|
|
|
|
flash("Please login first!", "danger")
|
|
|
|
|
return redirect(url_for("auth.login"))
|
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
|
return wrapper
|
