diff options
Diffstat (limited to 'src/apps/changepw/views.py')
| -rw-r--r-- | src/apps/changepw/views.py | 183 |
1 files changed, 183 insertions, 0 deletions
diff --git a/src/apps/changepw/views.py b/src/apps/changepw/views.py new file mode 100644 index 0000000..c3fb090 --- /dev/null +++ b/src/apps/changepw/views.py @@ -0,0 +1,183 @@ +from django.contrib.auth.decorators import login_required +from apps.changepw.models import ChangePasswordForm +from django.http import HttpResponse +from django.shortcuts import render +import random +import nordunet_change_password as pw + + +def _change_password(pwtype, user, new_password): + ''' + Use this to call your change password function. + ''' + if pwtype == 'sso': + ret = pw.change_nordunet_sso_pw(user, new_password) + elif pwtype == 'ppp': + ret = pw.change_nordunet_ppp_pw(user, new_password) + elif pwtype == 'net': + ret = pw.change_nordunet_net_pw(user, new_password) + elif pwtype == 'vpn': + ret = pw.change_nordunet_vpn_pw(user, new_password) + else: + ret = 'Could not change that password type.' + return ret + + +def _change_other(request, *args): + ''' + Use this to call your change function. + ''' + user = request.user + ssh_key = request.POST.get('ssh_key', None) + if ssh_key: + ret = pw.set_public_ssh_key(user, ssh_key) + else: + return 1 + return ret + + +def _get_username(request): + ''' + Returns the actual username from the Shibboleth uid. + request.user.username == username@domain.com + ''' + return request.user.username.split('@')[0] + + +def _generate_password(n, z=3): + ''' + Returns a psudo random string of lenght n in accordance to the NORDUnet + security standard. z is the number of non-letters to include. + ''' + letters = 'abcdefghijklmnopqrstuvwxyz' + others = '1234567890!#%&?+*-_.<>' + pw = [] + for i in range(0, n//2): + pw.append(random.choice(letters)) + pw.append(random.choice(letters.upper())) + random.shuffle(pw) + pw = pw[:n] + for i in random.sample(range(0, n-1), z): + pw[i] = random.choice(others) + return ''.join(pw) + + +@login_required() +def index(request): + ''' + Greets the user and presents the choices available. + ''' + username = _get_username(request) + try: + full_name = request.user.get_full_name() + except AttributeError: + full_name = username + return render(request, + 'changepw/index.html', + {'full_name': full_name, 'username': username}) + + +@login_required() +def change_password(request, pwtype): + ''' + If the user is authenticated and the form is valid the password + changing script will be run with the username and new password. + The function that changes the password has to be provided as func. + ''' + username = _get_username(request) + form = ChangePasswordForm(request.POST or None) + return_value = -1 + if request.method == 'POST': + if form.is_valid(): + new_password = form.cleaned_data['new_password'] + return_value = _change_password(pwtype, request.user, new_password) + form = None + return render(request, + 'changepw/change_password.html', + {'form': form, + 'username': username, + 'pwtype': pwtype, + 'return_value': return_value}) + + +@login_required() +def change_other(request, *args): + ''' + Just passes along the request so that something can be done for that user. + ''' + username = _get_username(request) + return_value = None + if request.method == 'POST': + return_value = _change_other(request, *args) + return render(request, + 'changepw/change_other.html', + {'username': username, 'return_value': return_value}) + + +@login_required() +def change_public_ssh_keys(request): + """ + Lets the user remove or add public SSH keys. + """ + if request.POST: + ssh_key = request.POST.get('ssh_key', None) + if ssh_key: + ret = pw.set_public_ssh_key(request.user, ssh_key) + else: + ret = 'No SSH key to add.' + ssh_keys = pw.get_public_ssh_keys(request.user) + return render(request, + 'changepw/change_public_ssh_key.html', + {'username': request.user.username, + 'ssh_keys': ssh_keys, + 'return_value': ret}) + else: + ssh_keys = pw.get_public_ssh_keys(request.user) + return render(request, + 'changepw/change_public_ssh_key.html', + {'username': request.user.username, + 'ssh_keys': ssh_keys, + 'return_value': None}) + + +@login_required() +def delete_public_ssh_key(request, key_number): + """ + Delete a public SSH key. + """ + ssh_keys = pw.get_public_ssh_keys(request.user) + ret = pw.del_public_ssh_key(request.user, ssh_keys[int(key_number)]) + ssh_keys = pw.get_public_ssh_keys(request.user) + return render(request, + 'changepw/change_public_ssh_key.html', + { + 'username': request.user.username, + 'ssh_keys': ssh_keys, + 'return_value': ret}) + +def _create_ieduroam_conf(user): + """ + Creates an xml config (http://www.apple.com/DTDs/PropertyList-1.0.dtd) for + iPhone, iPod Touch or Ipad that can be set by surfing to the URL. + + Should ultimately returned with + HttpResponse(conf, mimetype='application/x-apple-aspen-config') + """ + try: + f = open('/var/lib/django/sso/apps/changepw/eduroam.mobileconfig') + except IOError: + return 'Could not open boilerplate configuration.' + uid = user.username.split('@')[0] + s = ''.join(f.readlines()) + s = s.replace('nordu-user', '%s-pwman' % uid) + conf = s.replace('eduroam-user', '%s/ppp' % uid) + return conf + + +def ideviceconf(request): + """ + HACK + """ + user = request.user + conf = _create_ieduroam_conf(user) + return HttpResponse(conf, content_type='application/x-apple-aspen-config') |