Fixed a possible bug with the use of the IP authenticator. Now it checks that the username "ip" is the same as request.ip

Adolfo Gómez 2013-06-25 15:42:05 +00:00
parent 2cc81d2b8b
commit 0303fbf910
2 changed files with 6 additions and 4 deletions


@ -135,6 +135,8 @@ encoding//src/uds/osmanagers/WindowsOsManager/WinRandomPassOsManager.py=utf-8
encoding//src/uds/osmanagers/WindowsOsManager/WindowsOsManager.py=utf-8
encoding//src/uds/osmanagers/WindowsOsManager/__init__.py=utf-8
encoding//src/uds/osmanagers/__init__.py=utf-8
encoding//src/uds/services/HyperV_enterprise/HyperVProvider.py=utf-8
encoding//src/uds/services/HyperV_enterprise/__init__.py=utf-8
encoding//src/uds/services/OVirt/OVirtLinkedDeployment.py=utf-8
encoding//src/uds/services/OVirt/OVirtLinkedService.py=utf-8
encoding//src/uds/services/OVirt/OVirtProvider.py=utf-8


@ -38,6 +38,8 @@ from django.utils.translation import ugettext_noop as _
from uds.core.auths import Authenticator
from uds.core.auths.GroupsManager import GroupsManager
from uds.core.util import net
from uds.core.util.request import getRequest
import logging, random, string
logger = logging.getLogger(__name__)
@ -73,8 +75,7 @@ class IPAuth(Authenticator):
def authenticate(self, username, credentials, groupsManager):
# If credentials is a dict, that can't be sent directly from web interface, we allow entering
# We use this "trick" so authenticators
if self.cache().get(username) == credentials:
self.cache().remove(username)
if username == getRequest().ip:
self.getGroups(username, groupsManager)
return True
return False
@ -97,8 +98,7 @@ class IPAuth(Authenticator):
gm = GroupsManager(self.dbAuthenticator())
self.getGroups(request.ip, gm)
if gm.hasValidGroups() and self.dbAuthenticator().isValidUser(request.ip, True):
passw = ''.join(random.choice(string.letters + string.digits) for __ in xrange(12))
self.cache().put(request.ip, passw)
passw = ''
return '<script type="text/javascript">$("#id_user").val("' + request.ip + '");$("#id_password").val("' + passw + '");$("#loginform").submit();</script>'
else:
return '<div>This ip is not allowed to autologin (' + request.ip +')</div><script type="text/javascript">$("#backToLogin").click()</script>'
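Review bot: In `authenticate` the `credentials` argument is no longer consulted, so the login decision rests entirely on `username == getRequest().ip`. How that `ip` attribute is populated is not visible here; if it can be taken from a client-supplied forwarding header rather than the connection's peer address, both sides of the comparison are caller-controlled. I would replace the now-stale "If credentials is a dict" comment with one stating that assumption, e.g. `# request.ip must be the peer address as seen by a trusted proxy, never a raw client header`, and guard the lookup with `req = getRequest()` and `if req is not None and username == req.ip:` in case it is ever called outside a request. In the last hunk `request.ip` is still concatenated unescaped into the returned `<script>` and `<div>` markup, which deserves escaping for the same reason, and `random` and `string` look unused in the visible code once the password generation is gone. Both function bodies start or end outside the hunks shown.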