From 75459361dc0c8905c11dae0fb65a4dbbb2467a7c Mon Sep 17 00:00:00 2001 From: orbitroom Date: Wed, 30 Mar 2016 04:04:14 -0500 Subject: [PATCH] Added IP Board 4 --- alliance_auth/settings.py.example | 23 +++++++ alliance_auth/urls.py | 9 +++ authentication/managers.py | 14 ++++ authentication/models.py | 3 + services/managers/ips4_manager.py | 110 ++++++++++++++++++++++++++++++ services/views.py | 103 +++++++++++++++++++++------- 6 files changed, 239 insertions(+), 23 deletions(-) create mode 100644 services/managers/ips4_manager.py diff --git a/alliance_auth/settings.py.example b/alliance_auth/settings.py.example index e2289117..86ff7264 100755 --- a/alliance_auth/settings.py.example +++ b/alliance_auth/settings.py.example @@ -97,7 +97,17 @@ DATABASES = { 'PASSWORD': os.environ.get('AA_DB_PHPBB3_PASSWORD', 'password'), 'HOST': os.environ.get('AA_DB_PHPBB3_HOST', '127.0.0.1'), 'PORT': os.environ.get('AA_DB_PHPBB3_PORT', '3306'), + }, + + 'ips4': { + 'ENGINE': 'django.db.backends.mysql', + 'NAME': 'alliance_ips4', + 'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver'), + 'PASSWORD': os.environ.get('AA_DB_IPS4_PASSWORD', 'G7GeHrpE'), + 'HOST': os.environ.get('AA_DB_IPS4_HOST', '127.0.0.1'), + 'PORT': os.environ.get('AA_DB_IPS4_PORT', '3306'), } + } TEMPLATE_CONTEXT_PROCESSORS = ( @@ -224,6 +234,7 @@ BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'Fals # ENABLE_AUTH_MUMBLE - Enable mumble support in the auth for auth'd members # ENABLE_AUTH_IPBOARD - Enable IPBoard forum support in the auth for auth'd members # ENABLE_AUTH_DISCORD - Enable Discord support in the auth for auth'd members +# ENABLE_AUTH_IPS4 - Enable IPS4 support in the auth for auth'd members ######################### ENABLE_AUTH_FORUM = 'True' == os.environ.get('AA_ENABLE_AUTH_FORUM', 'False') ENABLE_AUTH_JABBER = 'True' == os.environ.get('AA_ENABLE_AUTH_JABBER', 'False') @@ -231,6 +242,7 @@ ENABLE_AUTH_MUMBLE = 'True' == os.environ.get('AA_ENABLE_AUTH_MUMBLE', 'False') ENABLE_AUTH_IPBOARD = 'True' == os.environ.get('AA_ENABLE_AUTH_IPBOARD', 'False') ENABLE_AUTH_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_AUTH_TEAMSPEAK3', 'False') ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False') +ENABLE_AUTH_IPS4 = 'True' == os.environ.get('AA_ENABLE_AUTH_IPS4', 'False') ##################### # Blue service Setup @@ -241,6 +253,7 @@ ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False' # ENABLE_BLUE_MUMBLE - Enable mumble support in the auth for blues # ENABLE_BLUE_IPBOARD - Enable IPBoard forum support in the auth for blues # ENABLE_BLUE_DISCORD - Enable Discord support in the auth for blues +# ENABLE_BLUE_IPS4 - Enable IPS4 support in the auth for blues ##################### BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0')) ENABLE_BLUE_FORUM = 'True' == os.environ.get('AA_ENABLE_BLUE_FORUM', 'False') @@ -249,6 +262,7 @@ ENABLE_BLUE_MUMBLE = 'True' == os.environ.get('AA_ENABLE_BLUE_MUMBLE', 'False') ENABLE_BLUE_IPBOARD = 'True' == os.environ.get('AA_ENABLE_BLUE_IPBOARD', 'False') ENABLE_BLUE_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_BLUE_TEAMSPEAK3', 'False') ENABLE_BLUE_DISCORD = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCORD', 'False') +ENABLE_BLUE_IPS4 = 'True' == os.environ.get('AA_ENABLE_BLUE_IPS4', 'False') ######################### # Corp Configuration @@ -365,6 +379,15 @@ DISCORD_SERVER_ID = os.environ.get('AA_DISCORD_SERVER_ID', '') DISCORD_USER_EMAIL = os.environ.get('AA_DISCORD_USER_EMAIL', '') DISCORD_USER_PASSWORD = os.environ.get('AA_DISCORD_USER_PASSWORD', '') +##################################### +# IPS4 Configuration +##################################### +# IPS4_URL - base url of the IPS4 install (no trailing slash) +# IPS4_API_KEY - API key provided by IPS4 +##################################### +IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://mydomain.com/ips4') +IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '') + ##################################### # Logging Configuration ##################################### diff --git a/alliance_auth/urls.py b/alliance_auth/urls.py index 74dc20f0..52b2c157 100755 --- a/alliance_auth/urls.py +++ b/alliance_auth/urls.py @@ -137,6 +137,15 @@ urlpatterns = patterns('', url(r'^deactivate_discord/$', 'services.views.deactivate_discord', name='auth_deactivate_discord'), url(r'^reset_discord/$', 'services.views.reset_discord', name='auth_reset_discord'), + # IPS4 Service Control + url(r'^activate_ips4/$', 'services.views.activate_ips4', + name='auth_activate_ips4'), + url(r'^deactivate_ips4/$', 'services.views.deactivate_ips4', + name='auth_deactivate_ips4'), + url(r'^reset_ips4_password/$', 'services.views.reset_ips4_password', + name='auth_reset_ips4_password'), + url(r'^set_ips4_password/$', 'services.views.set_ips4_password', name='auth_set_ips4_password'), + # Tools url(r'^tool/fleet_formatter_tool/$', 'services.views.fleet_formatter_view', name='auth_fleet_format_tool_view'), diff --git a/authentication/managers.py b/authentication/managers.py index c79a36cd..74f0a825 100755 --- a/authentication/managers.py +++ b/authentication/managers.py @@ -121,3 +121,17 @@ class AuthServicesInfoManager: logger.info("Updated user %s discord info in authservicesinfo model." % user) else: logger.error("Failed to update user %s discord info: user does not exist." % user) + + @staticmethod + def update_user_ips4_info(username, password, id, user): + if User.objects.filter(username=user.username).exists(): + logger.debug("Updating user %s IPS4 info: username %s" % (user, username)) + authserviceinfo = AuthServicesInfoManager.__get_or_create(user) + authserviceinfo.ips4_username = username + authserviceinfo.ips4_password = password + authserviceinfo.ips4_id = id + authserviceinfo.save(update_fields=['ips4_username', 'ips4_password', 'ips4_id']) + logger.info("Updated user %s IPS4 info in authservicesinfo model." % user) + else: + logger.error("Failed to update user %s IPS4 info: user does not exist." % user) + diff --git a/authentication/models.py b/authentication/models.py index edfdfbc5..70269410 100755 --- a/authentication/models.py +++ b/authentication/models.py @@ -14,6 +14,9 @@ class AuthServicesInfo(models.Model): teamspeak3_uid = models.CharField(max_length=254, blank=True, default="") teamspeak3_perm_key = models.CharField(max_length=254, blank=True, default="") discord_uid = models.CharField(max_length=254, blank=True, default="") + ips4_username = models.CharField(max_length=254, blank=True, default="") + ips4_password = models.CharField(max_length=254, blank=True, default="") + ips4_id = models.CharField(max_length=254, blank=True, default="") main_char_id = models.CharField(max_length=64, blank=True, default="") is_blue = models.BooleanField(default=False) user = models.ForeignKey(User) diff --git a/services/managers/ips4_manager.py b/services/managers/ips4_manager.py new file mode 100644 index 00000000..ad0e9eed --- /dev/null +++ b/services/managers/ips4_manager.py @@ -0,0 +1,110 @@ +import logging +from django.conf import settings +import requests +import os +from django.db import connections +from passlib.hash import bcrypt +from django.utils import timezone + + +logger = logging.getLogger(__name__) + +class Ips4Manager: + + SQL_ADD_USER = r"INSERT INTO core_members (name, email, members_pass_hash, members_pass_salt, " \ + r"member_group_id) VALUES (%s, %s, %s, %s, %s)" + SQL_GET_ID = r"SELECT member_id FROM core_members WHERE name = %s" + SQL_UPDATE_PASSWORD = r"UPDATE core_members SET members_pass_hash = %s, members_pass_salt = %s WHERE name = %s" + SQL_DEL_USER = r"DELETE FROM core_members WHERE member_id = %s" + + + + MEMBER_GROUP_ID = 3 + + + @staticmethod + def add_user(username, email): + logger.debug("Adding new IPS4 user %s" % username) + plain_password = Ips4Manager.__generate_random_pass() + hash = bcrypt.encrypt(plain_password, rounds=13) + hash_result = hash + rounds_striped = hash_result.strip('$2a$13$') + salt = rounds_striped[:22] + joined_date = timezone.now + group = Ips4Manager.MEMBER_GROUP_ID + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_ADD_USER, [username, email, hash, salt, group]) + member_id = Ips4Manager.get_user_id(username) + return username, plain_password, member_id + + @staticmethod + def get_user_id(username): + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_GET_ID, [username]) + row = cursor.fetchone() + if row is not None: + logger.debug("Got user id %s for username %s" % (row[0], username)) + return row[0] + else: + logger.error("username %s not found. Unable to determine id." % username) + return None + + @staticmethod + def __generate_random_pass(): + return os.urandom(8).encode('hex') + + + @staticmethod + def delete_user(id): + logger.debug("Deleting IPS4 user id %s" % id) + try: + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_DEL_USER, [id]) + logger.info("Deleted IPS4 user %s" % id) + return True + except: + logger.exception("Failed to delete IPS4 user id %s" % id) + return False + + @staticmethod + def update_user_password(username): + logger.debug("Updating IPS4 user id %s password" % id) + if Ips4Manager.check_user(username): + plain_password = Ips4Manager.__generate_random_pass() + hash = bcrypt.encrypt(plain_password, rounds=13) + hash_result = hash + rounds_striped = hash_result.strip('$2a$13$') + salt = rounds_striped[:22] + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username]) + return plain_password + else: + logger.error("Unable to update ips4 user %s password" % username) + return "" + + @staticmethod + def check_user(username): + logger.debug("Checking IPS4 username %s" % username) + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_GET_ID, [username]) + row = cursor.fetchone() + if row: + logger.debug("Found user %s on IPS4" % username) + return True + logger.debug("User %s not found on IPS4" % username) + return False + + @staticmethod + def update_custom_password(username, plain_password): + logger.debug("Updating IPS4 user id %s password" % id) + if Ips4Manager.check_user(username): + hash = bcrypt.encrypt(plain_password, rounds=13) + hash_result = hash + rounds_striped = hash_result.strip('$2a$13$') + salt = rounds_striped[:22] + cursor = connections['ips4'].cursor() + cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username]) + return plain_password + else: + logger.error("Unable to update ips4 user %s password" % username) + return "" \ No newline at end of file diff --git a/services/views.py b/services/views.py index debd20c6..efaf7545 100755 --- a/services/views.py +++ b/services/views.py @@ -14,6 +14,7 @@ from managers.mumble_manager import MumbleManager from managers.ipboard_manager import IPBoardManager from managers.teamspeak3_manager import Teamspeak3Manager from managers.discord_manager import DiscordManager +from managers.ips4_manager import Ips4Manager from authentication.managers import AuthServicesInfoManager from eveonline.managers import EveManager from celerytask.tasks import update_jabber_groups @@ -26,7 +27,6 @@ from forms import JabberBroadcastForm from forms import FleetFormatterForm from forms import DiscordForm from forms import ServicePasswordForm -from forms import TeamspeakJoinForm from util import check_if_user_has_permission import threading @@ -340,32 +340,12 @@ def activate_teamspeak3(request): if result[0] is not "": AuthServicesInfoManager.update_user_teamspeak3_info(result[0], result[1], request.user) logger.debug("Updated authserviceinfo for user %s with TS3 credentials. Updating groups." % request.user) + update_teamspeak3_groups.delay(request.user.pk) logger.info("Succesfully activated TS3 for user %s" % request.user) - return HttpResponseRedirect("/verify_teamspeak3/") + return HttpResponseRedirect("/services/") logger.error("Unsuccessful attempt to activate TS3 for user %s" % request.user) return HttpResponseRedirect("/dashboard") -@login_required -@user_passes_test(service_blue_alliance_test) -def verify_teamspeak3(request): - logger.debug("verify_teamspeak3 called by user %s" % request.user) - authinfo = AuthServicesInfoManager.get_auth_service_info(request.user) - if not authinfo.teamspeak3_uid: - logger.warn("Unable to validate user %s teamspeak: no teamspeak data" % request.user) - return HttpResponseRedirect("/services") - if request.method == "POST": - form = TeamspeakJoinForm(request.POST) - if form.is_valid(): - update_teamspeak3_groups.delay(request.user.pk) - logger.debug("Validated user %s joined TS server") - return HttpResponseRedirect("/services/") - else: - form = TeamspeakJoinForm({'username':authinfo.teamspeak3_uid}) - context = { - 'form': form, - 'authinfo': authinfo, - } - return render_to_response('registered/teamspeakjoin.html', context, context_instance=RequestContext(request)) @login_required @user_passes_test(service_blue_alliance_test) @@ -603,3 +583,80 @@ def set_ipboard_password(request): logger.debug("Rendering form for user %s" % request.user) context = {'form': form, 'service': 'IPBoard', 'error': error} return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request)) + +@login_required +@user_passes_test(service_blue_alliance_test) +def activate_ips4(request): + logger.debug("activate_ips4 called by user %s" % request.user) + authinfo = AuthServicesInfoManager.get_auth_service_info(request.user) + # Valid now we get the main characters + character = EveManager.get_character_by_id(authinfo.main_char_id) + logger.debug("Adding IPS4 user for user %s with main character %s" % (request.user, character)) + result = Ips4Manager.add_user(character.character_name, request.user.email) + # if empty we failed + if result[0] != "": + AuthServicesInfoManager.update_user_ips4_info(result[0], result[1], result[2], request.user) + logger.debug("Updated authserviceinfo for user %s with IPS4 credentials." % request.user) + #update_ips4_groups.delay(request.user.pk) + logger.info("Succesfully activated IPS4 for user %s" % request.user) + return HttpResponseRedirect("/services/") + logger.error("Unsuccesful attempt to activate IPS4 for user %s" % request.user) + return HttpResponseRedirect("/dashboard") + +@login_required +@user_passes_test(service_blue_alliance_test) +def reset_ips4_password(request): + logger.debug("reset_ips4_password called by user %s" % request.user) + authinfo = AuthServicesInfoManager.get_auth_service_info(request.user) + result = Ips4Manager.update_user_password(authinfo.ips4_username) + # false we failed + if result != "": + AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, id, request.user) + logger.info("Succesfully reset IPS4 password for user %s" % request.user) + return HttpResponseRedirect("/services/") + logger.error("Unsuccessful attempt to reset IPS4 password for user %s" % request.user) + return HttpResponseRedirect("/dashboard") + +@login_required +@user_passes_test(service_blue_alliance_test) +def set_ips4_password(request): + logger.debug("set_ips4_password called by user %s" % request.user) + error = None + if request.method == 'POST': + logger.debug("Received POST request with form.") + form = ServicePasswordForm(request.POST) + logger.debug("Form is valid: %s" % form.is_valid()) + if form.is_valid(): + password = form.cleaned_data['password'] + logger.debug("Form contains password of length %s" % len(password)) + authinfo = AuthServicesInfoManager.get_auth_service_info(request.user) + result = Ips4Manager.update_custom_password(authinfo.ips4_username, plain_password=password) + if result != "": + AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, authinfo.ips4_id, request.user) + logger.info("Succesfully reset IPS4 password for user %s" % request.user) + return HttpResponseRedirect("/services/") + else: + logger.error("Failed to install custom IPS4 password for user %s" % request.user) + error = "Failed to install custom password." + else: + error = "Invalid password provided" + else: + logger.debug("Request is not type POST - providing empty form.") + form = ServicePasswordForm() + + logger.debug("Rendering form for user %s" % request.user) + context = {'form': form, 'service': 'IPS4', 'error': error} + return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request)) + +@login_required +@user_passes_test(service_blue_alliance_test) +def deactivate_ips4(request): + logger.debug("deactivate_ips4 called by user %s" % request.user) + authinfo = AuthServicesInfoManager.get_auth_service_info(request.user) + result = Ips4Manager.delete_user(authinfo.ips4_id) + if result != "": + AuthServicesInfoManager.update_user_ips4_info("", "", "", request.user) + logger.info("Succesfully deactivated IPS4 for user %s" % request.user) + return HttpResponseRedirect("/services/") + logger.error("Unsuccesful attempt to deactivate IPS4 for user %s" % request.user) + return HttpResponseRedirect("/dashboard")