diff options
author | equinox <equinox@diac24.net> | 2011-09-27 02:09:53 +0200 |
---|---|---|
committer | equinox <equinox@diac24.net> | 2011-09-27 02:09:53 +0200 |
commit | 8d2b75d61631e0794d436eefefb25644de1d2de4 (patch) | |
tree | 01193f125c25b3f1068ae4638a002aedb5387c01 | |
parent | ed927fd7ccafebfa68dc327c7389876131a9a870 (diff) |
password change application
-rwxr-xr-x | index.py | 38 | ||||
-rw-r--r-- | static/app_password.png | bin | 0 -> 1927 bytes | |||
-rw-r--r-- | static/info.png | bin | 0 -> 1933 bytes | |||
-rw-r--r-- | static/layout.css | 18 | ||||
-rw-r--r-- | templates/layout.xi | 8 | ||||
-rw-r--r-- | templates/pwchange.html | 23 | ||||
-rw-r--r-- | templates/select.html | 5 |
7 files changed, 86 insertions, 6 deletions
@@ -73,13 +73,16 @@ class SubdapSite(object): except LoginError, e: return render(errors = {'password': str(e)}) + return s.selectpage(l, dn) + + def selectpage(s, l, dn, message = None): user = ldapobj(l.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', [])) tgts = {} for site in tgt_sites: tgts[site] = urllib.urlencode(ticket.tgt_create(site, user['cn'])) - return render('select.html', user = user, tgts = tgts) + return render('select.html', user = user, tgts = tgts, message = message) ## x = '' # for r in data: @@ -91,12 +94,12 @@ class SubdapSite(object): # details.append([k, value]) ## x += '<tr><td>%s</td><td><pre>%s</pre></td></tr>\n' % (k, "<hr>".join(v)) - def params_validate(s, errors, username, password, password2): + def newpass_validate(s, username, password, password2, expectstate): errors = {} if username == None or username == '': errors['username'] = 'please specify an user name' - elif accountservice.name_valid(username) != 'valid': - errors['username'] = 'username invalid or taken' + elif accountservice.name_valid(username) != expectstate: + errors['username'] = 'username invalid' if password == None or len(password) < 6: errors['password'] = 'please specify a password of at least 6 characters' if password2 != password: @@ -110,13 +113,38 @@ class SubdapSite(object): if cherrypy.request.method.upper() == 'GET': return render(errors = {}, username = '') - errors = s.params_validate(errors, username, password, password2) + errors = s.newpass_validate(username, password, password2, 'valid') if errors is not None: return render(errors = errors, username = username) accountservice.name_create(username, password) return s.login(username, password) + @expose('pwchange.html') + def pwchange(s, username = None, oldpassword = None, password = None, password2 = None): + if cherrypy.request.method.upper() == 'GET': + return render(errors = {}, username = username) + + errors = s.newpass_validate(username, password, password2, 'exists') + if errors is not None: + return render(errors = errors, username = username) + + try: l, dn = s.login_perform(username, oldpassword) + except LoginError, e: + return render(errors = {'oldpassword': str(e)}, username = username) + + import kerberos + try: + assert kerberos.changePassword(username + '@SUBLAB.ORG', oldpassword, password) == True + except kerberos.PwdChangeError, e: + return render(errors = {'password2': str(e.message)}, username = username) + + return s.selectpage(l, dn, + '''Your password has been changed -- + please note that it may take up to 10 minutes for Kerberos to update + its three heads. At any moment, either your old password or your new + password will work.''') + @cherrypy.expose def kill(s): import sys diff --git a/static/app_password.png b/static/app_password.png Binary files differnew file mode 100644 index 0000000..f498440 --- /dev/null +++ b/static/app_password.png diff --git a/static/info.png b/static/info.png Binary files differnew file mode 100644 index 0000000..0bcc358 --- /dev/null +++ b/static/info.png diff --git a/static/layout.css b/static/layout.css index eb670f5..1b8f0f5 100644 --- a/static/layout.css +++ b/static/layout.css @@ -61,6 +61,24 @@ div#creatpw { input[type=submit] { margin-top:1em; } + +div#infobox { + display:inline-block; + max-width:40em; + color:#000; + background-color:#dde2ff; + border:1px solid #bcf; + margin:2em 0em -1em 0em; +} +div#infobox img { + float:left; + margin:15px 5px; +} +div#infobox p { + text-align:left; + margin-left:45px; +} + body#error img { float:left; margin:2em; diff --git a/templates/layout.xi b/templates/layout.xi index 7b59619..e14e21b 100644 --- a/templates/layout.xi +++ b/templates/layout.xi @@ -14,8 +14,16 @@ </head> </py:match> + <py:match path="sub:infobox" once="true"> + <div id="infobox"> + <img src="static/info.png" alt="info"/> + <p>${select('text()')}</p> + </div> + </py:match> + <py:match path="sub:bodyform" once="true"> <body id="formcont" py:attrs="select('@*')"> + ${select('sub:infobox')} <div> <img id="logo" src="static/ldap.png" alt="subdap"/> ${select('*')} diff --git a/templates/pwchange.html b/templates/pwchange.html new file mode 100644 index 0000000..a7e0605 --- /dev/null +++ b/templates/pwchange.html @@ -0,0 +1,23 @@ +<!DOCTYPE html> +<html xmlns="http://www.w3.org/1999/xhtml" + xmlns:py="http://genshi.edgewall.org/" + xmlns:sub="http://local.sublab.org/subdap/xmlns-templates" + xmlns:xi="http://www.w3.org/2001/XInclude"> + <xi:include href="layout.xi"/> + <head> + <title>change password</title> + </head> + <sub:bodyform> + <form action='pwchange' method='POST'> + <div>uid: <input type='text' name='username' size="10" value="${username}"/></div> + <b class="error" py:if="'username' in errors">${errors.username}</b> + <div id="creatpw">old password: <input type='password' name='oldpassword' size="10" value=""/></div> + <b class="error" py:if="'oldpassword' in errors">${errors.oldpassword}</b> + <div id="creatpw">password: <input type='password' name='password' size="10" value=""/></div> + <b class="error" py:if="'password' in errors">${errors.password}</b> + <div>repeat: <input type='password' name='password2' size="10" value=""/></div> + <b class="error" py:if="'password2' in errors">${errors.password2}</b> + <input type='submit' value='change password'/> + </form> + </sub:bodyform> +</html> diff --git a/templates/select.html b/templates/select.html index 8b5e47f..1391431 100644 --- a/templates/select.html +++ b/templates/select.html @@ -8,11 +8,14 @@ <head> <title>login</title> </head> + <sub:infobox py:if="message != None"> + ${message} + </sub:infobox> <sub:bodyform> <div class="cont"> Hallo ${user['cn']}! <p class="app"><a href="https://wiki.sublab.org/auth_subdap.php?${tgts['wiki']}"><img src="${url('static/app_wiki.png')}" alt="wiki"/> sublab.org wiki</a></p> - <p class="app"><a href=""><img src="${url('static/app_subdap.png')}" alt="wiki"/> Benutzerdaten</a></p> + <p class="app"><a href="pwchange?username=${user['cn']}"><img src="${url('static/app_password.png')}" alt="pwchange"/> Passwort ändern</a></p> </div> </sub:bodyform> </html> |