shaba/openuds
1
0
Fork 1
mirror of https://github.com/dkmstr/openuds.git synced 2025-01-03 01:17:56 +03:00
Code Issues Releases Wiki Activity

Fixed a possible bug on 1.2 with IP authenticator, and improved it

Browse Source
This commit is contained in:
Adolfo Gómez 2013-06-25 15:42:53 +00:00
parent 44da266276
commit 5047225ea0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
server/src/uds/auths/IP/Authenticator.py
View File

@ -38,6 +38,8 @@ from django.utils.translation import ugettext_noop as _
from uds.core.auths import Authenticator from uds.core.auths import Authenticator
from uds.core.auths.GroupsManager import GroupsManager from uds.core.auths.GroupsManager import GroupsManager
from uds.core.util import net from uds.core.util import net
from uds.core.util.request import getRequest
import logging, random, string import logging, random, string
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -73,8 +75,7 @@ class IPAuth(Authenticator):
def authenticate(self, username, credentials, groupsManager): def authenticate(self, username, credentials, groupsManager):
# If credentials is a dict, that can't be sent directly from web interface, we allow entering # If credentials is a dict, that can't be sent directly from web interface, we allow entering
# We use this "trick" so authenticators # We use this "trick" so authenticators
if self.cache().get(username) == credentials: if username == getRequest().ip:
self.cache().remove(username)
self.getGroups(username, groupsManager) self.getGroups(username, groupsManager)
return True return True
return False return False
@ -97,8 +98,7 @@ class IPAuth(Authenticator):
gm = GroupsManager(self.dbAuthenticator()) gm = GroupsManager(self.dbAuthenticator())
self.getGroups(request.ip, gm) self.getGroups(request.ip, gm)
if gm.hasValidGroups() and self.dbAuthenticator().isValidUser(request.ip, True): if gm.hasValidGroups() and self.dbAuthenticator().isValidUser(request.ip, True):
passw = ''.join(random.choice(string.letters + string.digits) for __ in xrange(12)) passw = ''
self.cache().put(request.ip, passw)
return '<script type="text/javascript">$("#id_user").val("' + request.ip + '");$("#id_password").val("' + passw + '");$("#loginform").submit();</script>' return '<script type="text/javascript">$("#id_user").val("' + request.ip + '");$("#id_password").val("' + passw + '");$("#loginform").submit();</script>'
else: else:
return '<div>This ip is not allowed to autologin (' + request.ip +')</div><script type="text/javascript">$("#backToLogin").click()</script>' return '<div>This ip is not allowed to autologin (' + request.ip +')</div><script type="text/javascript">$("#backToLogin").click()</script>'