pjpatil12/IncomeTaxSystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

LDAP Config Added #5

Closed
Swapnil9693 wants to merge 1 commits from swapnil-dev into main
pull from: swapnil-dev
merge into: pjpatil12:main
Conversation 1 Commits 1 Files Changed 1 +43 -12
1 changed files with 43 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit b9a8b9c0a9 - Show all commits

55
AppCode/LoginAuth.py
View File

@@ -1,40 +1,71 @@
from flask import Blueprint, render_template, request, redirect, url_for, flash, session from flask import Blueprint, render_template, request, redirect, url_for, flash, session
from flask import flash,redirect,url_for
from functools import wraps from functools import wraps
from flask import session from ldap3 import Server, Connection, ALL
from ldap3.core.exceptions import LDAPException
class LoginAuth: class LoginAuth:
def __init__(self): def __init__(self):
# Create Blueprint
self.bp = Blueprint("auth", __name__) self.bp = Blueprint("auth", __name__)
# -------------------------------
# LDAP CONFIGURATION
# -------------------------------
self.LDAP_SERVER = "ldap://localhost:389"
self.BASE_DN = "ou=users,dc=lcepl,dc=org" # LDAP Users DN
# -------------------------------
# LOGIN ROUTE # LOGIN ROUTE
# -------------------------------
@self.bp.route('/login', methods=['GET', 'POST']) @self.bp.route('/login', methods=['GET', 'POST'])
def login(): def login():
if request.method == 'POST': if request.method == 'POST':
username = request.form.get("username") username = request.form.get("username")
password = request.form.get("password") password = request.form.get("password")
# Dummy validation — REPLACE with DB check later if not username or not password:
if username == "admin" and password == "admin123": flash("Username and password are required!", "danger")
session['user'] = username return render_template("login.html")
flash("Login successful!", "success")
return redirect(url_for('welcome'))
else:
flash("Invalid username or password!", "danger")
user_dn = f"uid={username},{self.BASE_DN}"
server = Server(self.LDAP_SERVER, get_info=ALL)
try:
# Attempt LDAP bind
conn = Connection(server, user=user_dn, password=password, auto_bind=True)
if conn.bound:
session['user'] = username
flash(f"Login successful! Welcome {username}", "success")
return redirect(url_for('welcome'))
else:
flash("Invalid username or password!", "danger")
except LDAPException as e:
flash(f"LDAP login failed: {str(e)}", "danger")
finally:
if 'conn' in locals():
conn.unbind()
# GET request: show login form
return render_template("login.html") return render_template("login.html")
# -------------------------------
# LOGOUT ROUTE # LOGOUT ROUTE
# -------------------------------
@self.bp.route('/logout') @self.bp.route('/logout')
def logout(): def logout():
session.clear() session.clear()
flash("Logged out successfully!", "success") flash("Logged out successfully!", "success")
return redirect(url_for('auth.login')) return redirect(url_for('auth.login'))
# =================================================== # ===================================================
# LOGIN REQUIRED DECORATOR INSIDE CLASS # LOGIN REQUIRED DECORATOR INSIDE CLASS
# =================================================== # ===================================================
def login_required(self, f): def login_required(self, f):
"""
Protect routes: redirect to login if user not authenticated.
"""
@wraps(f) @wraps(f)
def wrapper(*args, **kwargs): def wrapper(*args, **kwargs):
if "user" not in session: if "user" not in session: