1 files changed, 18 insertions, 8 deletions

diff --git a/index.py b/index.py
index eda9043..3bf8f41 100755
--- a/index.py
+++ b/index.py
@@ -35,6 +35,9 @@ class ldapobj(object):
 	def keys(s):
 		return s._keys
 
+class LoginError(Exception):
+	pass
+
 class SubdapSite(object):
 	def __init__(s):
 		cherrypy.config.update({'error_page.404': s.http_404})
@@ -46,22 +49,29 @@ class SubdapSite(object):
 	@expose('login.html')
 	def index(s):
 		return render(errors = {})
-	@expose('login.html')
-	def login(s, username = None, password = None):
-		if username == None or password == None:
-			return render(errors = {'password': 'Login incorrect'})
-		if username == '' or password == '':
-			return render(errors = {'password': 'Login incorrect'})
 
+	def login_perform(s, username, password):
 		dn = "cn=%s,ou=people,dc=sublab,dc=org" % (username)
 		try:
 			l = ldap.initialize('ldaps://taifun.local.sublab.org/')
 			l.simple_bind_s(dn, password)
 		except ldap.INVALID_CREDENTIALS:
-			return render(errors = {'password': 'Login incorrect'})
+			raise LoginError('Login incorrect')
 		except ldap.LDAPError, e:
-			return render(errors = {'password': 'Login incorrect'})
+			raise LoginError('Login incorrect')
 			#	e.message['info']
+		return (l, dn)
+
+	@expose('login.html')
+	def login(s, username = None, password = None):
+		if username == None or password == None:
+			return render(errors = {'password': 'Login incorrect'})
+		if username == '' or password == '':
+			return render(errors = {'password': 'Login incorrect'})
+
+		try:	l, dn = s.login_perform(username, password)
+		except LoginError, e:
+			return render(errors = {'password': str(e)})
 
 		user = ldapobj(l.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', []))