Merge dev to master, with LDAP working. v0.2.0

Author: Rafi Blecher

.gitignore

@@ -1,7 +1,5 @@
 *.pyc
 *.pyo
-*.db
 .DS_Store
 .coverage
 local_settings.py
-/static

README.md

@@ -6,7 +6,7 @@ Lets remake the csesoc website
 ## Developer setup for Ubuntu
 ###Core packages
 ```
-$ sudo apt-get install git pip sqlite3
+$ sudo apt-get install git pip sqlite3 python-ldap
 ```
 
 ###Setting up virtualenv

auth/__init__.py

@@ -0,0 +1,62 @@
+import ldap
+from django.conf import settings
+from django.contrib.auth.models import User
+
+#DJANGO_SETTINGS_MODULE
+class ldapBackend():
+
+   def authenticate(self,username,password):
+      # Login as fakeroot if in development
+      if settings.DEBUG:
+         try:
+            user = User.objects.get(username='fakeroot')
+            return user
+         except User.DoesNotExist:
+            user = User(username='fakeroot', password='nil')
+            user.is_staff = True
+            user.is_superuser = True
+            user.first_name = 'fakeroot'
+            user.email = '[email protected]'
+            user.save()
+         return user
+      else:
+         try:
+            l = ldap.open("ad.unsw.edu.au")
+            l.protocol_version = ldap.VERSION3
+
+            upn = username + '@ad.unsw.edu.au'
+
+            l.bind_s(upn, password)
+
+            baseDN = "OU=IDM_People,OU=IDM,DC=ad,DC=unsw,DC=edu,DC=au"
+            searchScope = ldap.SCOPE_SUBTREE
+            retrieveAttributes = ['cn', 'displayNamePrintable', 'givenName', 'sn', 'mail']
+            searchFilter = "cn=" + username
+
+            ldap_result = l.search(baseDN, searchScope, searchFilter, retrieveAttributes)
+            result_type, result_data = l.result(ldap_result, 0)
+
+            user_dn,attr_results = result_data[0]
+
+            try:
+               user = User.objects.get(username=attr_results['cn'][0])
+               return user
+            except User.DoesNotExist:
+               user = User(username=username, password='get from unsw ad')
+               user.is_staff = False
+               user.is_superuser = False
+               user.first_name = attr_results['givenName'][0]
+               user.last_name = attr_results['sn'][0]
+               user.email = attr_results['mail'][0]
+               user.save()
+               return user
+
+         except ldap.LDAPError, e:
+            print e
+            return None
+
+   def get_user(self, user_id):
+          try:
+              return User.objects.get(pk=user_id)
+          except User.DoesNotExist:
+              return None

auth/ldap_auth.py

@@ -0,0 +1,30 @@
+from django.shortcuts import get_object_or_404, render_to_response, redirect
+from django.template import RequestContext
+from django.http import HttpResponse
+from django.conf import settings
+from django.contrib.auth import authenticate, login, logout
+from django.contrib import messages
+
+def signin(request):
+   redirect_path = (request.REQUEST.get('redirect', '/'))
+   if request.user.is_authenticated():
+      return redirect(redirect_path)
+   if request.method == 'POST':
+      student_number = request.REQUEST['zID']
+      user = authenticate(username=student_number, password=request.REQUEST['zPass'])
+
+      if user != None:
+         login(request, user)
+         messages.success(request, user.get_full_name() + " you're now logged in.")
+         return redirect(redirect_path)
+      else:
+         messages.error(request, "Invalid login.")
+         return render_to_response('auth/login.html', {'redirect_path': redirect_path}, context_instance=RequestContext(request), user=user)
+   else:
+      return render_to_response('auth/login.html', {'redirect_path': redirect_path}, context_instance=RequestContext(request), user=user)
+
+def signout(request):
+   logout(request)
+   request.session.flush()
+   messages.success(request, "You have successfully been logged out.")
+   return redirect('/')

auth/views.py

@@ -143,7 +143,10 @@
     "django.template.loaders.app_directories.Loader",
 )
 
-AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",)
+AUTHENTICATION_BACKENDS = (
+    #"mezzanine.core.auth_backends.MezzanineBackend",
+    'auth.ldap_auth.ldapBackend',
+)
 
 # List of finder classes that know how to find static files in
 # various locations.
@@ -165,9 +168,9 @@
 DATABASES = {
     "default": {
         # Add "postgresql_psycopg2", "mysql", "sqlite3" or "oracle".
-        "ENGINE": "django.db.backends.",
+        "ENGINE": "django.db.backends.sqlite3",
         # DB name or path to database file if using sqlite3.
-        "NAME": "",
+        "NAME": "soc-website.db",
         # Not used with sqlite3.
         "USER": "",
         # Not used with sqlite3.
@@ -197,6 +200,11 @@
 # project specific.
 CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_DIRNAME
 
+# Make these unique, and don't share it with anybody.
+SECRET_KEY = "bb144f82-39a0-4637-ab9c-c60c80a8d294b45fb1cc-bbb8-4c9e-a87a-3f6ad80acbdfc1841843-5187-44c6-b9a9-c5a05927e21b"
+NEVERCACHE_KEY = "f57f7b5c-bb1c-4302-bef5-26b6b3b43f2de9495caf-1f02-47ef-addb-48ad59feab612166798a-8399-4b7a-9ada-a1eb07eebb6f"
+
+
 # URL prefix for static files.
 # Example: "http://media.lawrence.com/static/"
 STATIC_URL = "/static/"
@@ -248,6 +256,7 @@
     "mezzanine.pages",
     "mezzanine.galleries",
     "mezzanine.twitter",
+    'auth',
     #"mezzanine.accounts",
     #"mezzanine.mobile",
 )

settings.py

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+path=`readlink -m "$0" | sed 's/\/static.sh$//'`
+if [[ `grep -Fq "STATIC_ROOT" "$path/local_settings.py" 2> /dev/null` ]]
+then 
+  echo "STATIC_ROOT already in local_settings.py. Please edit manually."
+else 
+  echo "STATIC_ROOT = '$path/static'" >> $path/local_settings.py;
+fi