user AdminLogin API

rrd/view/auth/auth.py

@@ -18,6 +18,8 @@ from flask import request, g, abort, render_template, redirect
 from flask.ext.babel import refresh
 import requests
 import json
+import string
+import random
 from rrd import app
 from rrd import config
 from rrd.model.user import User
@@ -26,6 +28,9 @@ from rrd.view import utils as view_utils
 from rrd.utils.logger import logging
 log = logging.getLogger(__file__)
 
+def id_generator(size=16, chars=string.ascii_uppercase + string.digits):
+   return ''.join(random.choice(chars) for _ in range(size)) 
+
 @app.route("/auth/login", methods=["GET", "POST"])
 def auth_login():
     if request.method == "GET":
@@ -48,7 +53,7 @@ def auth_login():
         if ldap == "1":
             try:
                 ldap_info = view_utils.ldap_login_user(name, password)
-
+                password = id_generator()
                 user_info = {
                     "name": name,
                     "password": password,
@@ -56,17 +61,18 @@ def auth_login():
                     "email": ldap_info['email'],
                     "phone": ldap_info['phone'],
                 }
-
                 Apitoken = view_utils.get_Apitoken(config.API_USER, config.API_PASS)
 
-                user_id = view_utils.get_user_id(name, Apitoken)
-				
-                if user_id > 0:
-                    view_utils.update_password(user_id, password, Apitoken)
-					# if user exist, update password
-                else:
+                ut = view_utils.admin_login_user(name, Apitoken)
+                if not ut:
                     view_utils.create_user(user_info)
-					# create user , signup must be enabled
+                    ut = view_utils.admin_login_user(name, Apitoken)
+                    #if user not exist, create user , signup must be enabled
+                ret["data"] = {
+                        "name": ut.name,
+                        "sig": ut.sig,
+                }
+                return json.dumps(ret)
 					
             except Exception as e:
                 ret["msg"] = str(e)

rrd/view/utils.py

@@ -116,6 +116,25 @@ def login_user(name, password):
     set_user_cookie(ut, session)
     return ut
 
+def admin_login_user(name, Apitoken):
+    params = {
+        "name": name,
+    }
+    h = {
+        "Apitoken": Apitoken
+    }
+    r = requests.post("%s/admin/login" %config.API_ADDR, data=params, headers=h)
+    log.debug("%s:%s" %(r.status_code, r.text))
+    if r.status_code != 200:
+        if json.loads(r.text)["error"] == "no such user":
+            return None
+        else:
+            raise Exception("%s : %s" %(r.status_code, r.text))
+
+    j = r.json()
+    ut = UserToken(j["name"], j["sig"])
+    set_user_cookie(ut, session)
+    return ut
 
 def ldap_login_user(name, password):
     import ldap
@@ -202,35 +221,6 @@ def get_Apitoken(name, password):
     sig = json.loads(r.text)["sig"]
     return json.dumps({"name":name,"sig":sig})
 
-def get_user_id(name, Apitoken):
-    h = {"Content-type":"application/json","Apitoken":Apitoken}
-	
-    r = requests.get("%s/user/name/%s" %(config.API_ADDR,name), headers=h)
-    log.debug("%s:%s" %(r.status_code, r.text))
-	
-    if r.status_code != 200:
-        user_id = -1
-        return user_id
-
-    user_id = json.loads(r.text)["id"]
-    return user_id
-
-def update_password(user_id, password, Apitoken):
-    d = {
-        "user_id": user_id, "password": password,
-    }
-	
-    h = {"Content-type":"application/json","Apitoken":Apitoken}
-	
-    r = requests.put("%s/admin/change_user_passwd" %(config.API_ADDR,), \
-           data=json.dumps(d), headers=h)
-    log.debug("%s:%s" %(r.status_code, r.text))
-	
-    if r.status_code != 200:
-        raise Exception("%s %s" %(r.status_code, r.text))
-		
-    return
-
 def create_user(user_info):
     h = {"Content-type":"application/json"}