update_password every ldap login

rrd/config.py

@@ -23,6 +23,8 @@ SITE_COOKIE = os.environ.get("SITE_COOKIE","open-falcon-ck")
 
 # Falcon+ API
 API_ADDR = os.environ.get("API_ADDR","http://127.0.0.1:8080/api/v1")
+API_USER = os.environ.get("API_USER","admin")
+API_PASS = os.environ.get("API_PASS","password")
 
 # portal database
 # TODO: read from api instead of db

rrd/view/auth/auth.py

@@ -49,8 +49,7 @@ def auth_login():
             try:
                 ldap_info = view_utils.ldap_login_user(name, password)
 
-                h = {"Content-type":"application/json"}
-                d = {
+                user_info = {
                     "name": name,
                     "password": password,
                     "cnname": ldap_info['cnname'],
@@ -58,11 +57,17 @@ def auth_login():
                     "phone": ldap_info['phone'],
                 }
 
-                r = requests.post("%s/user/create" %(config.API_ADDR,), \
-                        data=json.dumps(d), headers=h)
-                log.debug("%s:%s" %(r.status_code, r.text))
-
-                #TODO: update password in db if ldap password changed
+                Apitoken = view_utils.get_Apitoken(config.API_USER, config.API_PASS)
+
+                user_id = view_utils.get_user_id(name, Apitoken)
+				
+                if user_id > 0:
+                    view_utils.update_password(user_id, password, Apitoken)
+					# if user exist, update password
+                else:
+                    view_utils.create_user(user_info)
+					# create user , signup must be enabled
+					
             except Exception as e:
                 ret["msg"] = str(e)
                 return json.dumps(ret)

rrd/view/utils.py

@@ -184,3 +184,61 @@ def ldap_login_user(name, password):
         raise e
     finally:
         cli and cli.unbind_s()
+
+def get_Apitoken(name, password):
+    d = {
+        "name": name, "password": password,
+    }
+	
+    h = {"Content-type":"application/json"}
+	
+    r = requests.post("%s/user/login" %(config.API_ADDR,), \
+            data=json.dumps(d), headers=h)
+    log.debug("%s:%s" %(r.status_code, r.text))
+	
+    if r.status_code != 200:
+        raise Exception("%s %s" %(r.status_code, r.text))
+
+    sig = json.loads(r.text)["sig"]
+    return json.dumps({"name":name,"sig":sig})
+
+def get_user_id(name, Apitoken):
+    h = {"Content-type":"application/json","Apitoken":Apitoken}
+	
+    r = requests.get("%s/user/name/%s" %(config.API_ADDR,name), headers=h)
+    log.debug("%s:%s" %(r.status_code, r.text))
+	
+    if r.status_code != 200:
+        user_id = -1
+        return user_id
+
+    user_id = json.loads(r.text)["id"]
+    return user_id
+
+def update_password(user_id, password, Apitoken):
+    d = {
+        "user_id": user_id, "password": password,
+    }
+	
+    h = {"Content-type":"application/json","Apitoken":Apitoken}
+	
+    r = requests.put("%s/admin/change_user_passwd" %(config.API_ADDR,), \
+           data=json.dumps(d), headers=h)
+    log.debug("%s:%s" %(r.status_code, r.text))
+	
+    if r.status_code != 200:
+        raise Exception("%s %s" %(r.status_code, r.text))
+		
+    return
+
+def create_user(user_info):
+    h = {"Content-type":"application/json"}
+	
+    r = requests.post("%s/user/create" %(config.API_ADDR,), \
+           data=json.dumps(user_info), headers=h)
+    log.debug("%s:%s" %(r.status_code, r.text))
+	
+    if r.status_code != 200:
+        raise Exception("%s %s" %(r.status_code, r.text))
+		
+    return