Added IP Board 4

alliance_auth/settings.py.example

@@ -97,7 +97,17 @@ DATABASES = {
         'PASSWORD': os.environ.get('AA_DB_PHPBB3_PASSWORD', 'password'),
         'HOST': os.environ.get('AA_DB_PHPBB3_HOST', '127.0.0.1'),
         'PORT': os.environ.get('AA_DB_PHPBB3_PORT', '3306'),
+    },
+
+    'ips4': {
+        'ENGINE': 'django.db.backends.mysql',
+        'NAME': 'alliance_ips4',
+        'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver'),
+        'PASSWORD': os.environ.get('AA_DB_IPS4_PASSWORD', 'G7GeHrpE'),
+        'HOST': os.environ.get('AA_DB_IPS4_HOST', '127.0.0.1'),
+        'PORT': os.environ.get('AA_DB_IPS4_PORT', '3306'),
     }
+    
 }
 
 TEMPLATE_CONTEXT_PROCESSORS = (
@@ -224,6 +234,7 @@ BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'Fals
 # ENABLE_AUTH_MUMBLE - Enable mumble support in the auth for auth'd members
 # ENABLE_AUTH_IPBOARD - Enable IPBoard forum support in the auth for auth'd members
 # ENABLE_AUTH_DISCORD - Enable Discord support in the auth for auth'd members
+# ENABLE_AUTH_IPS4 - Enable IPS4 support in the auth for auth'd members
 #########################
 ENABLE_AUTH_FORUM = 'True' == os.environ.get('AA_ENABLE_AUTH_FORUM', 'False')
 ENABLE_AUTH_JABBER = 'True' == os.environ.get('AA_ENABLE_AUTH_JABBER', 'False')
@@ -231,6 +242,7 @@ ENABLE_AUTH_MUMBLE = 'True' == os.environ.get('AA_ENABLE_AUTH_MUMBLE', 'False')
 ENABLE_AUTH_IPBOARD = 'True' == os.environ.get('AA_ENABLE_AUTH_IPBOARD', 'False')
 ENABLE_AUTH_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_AUTH_TEAMSPEAK3', 'False')
 ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False')
+ENABLE_AUTH_IPS4 = 'True' == os.environ.get('AA_ENABLE_AUTH_IPS4', 'False')
 
 #####################
 # Blue service Setup
@@ -241,6 +253,7 @@ ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False'
 # ENABLE_BLUE_MUMBLE - Enable mumble support in the auth for blues
 # ENABLE_BLUE_IPBOARD - Enable IPBoard forum support in the auth for blues
 # ENABLE_BLUE_DISCORD - Enable Discord support in the auth for blues
+# ENABLE_BLUE_IPS4 - Enable IPS4 support in the auth for blues
 #####################
 BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
 ENABLE_BLUE_FORUM = 'True' == os.environ.get('AA_ENABLE_BLUE_FORUM', 'False')
@@ -249,6 +262,7 @@ ENABLE_BLUE_MUMBLE = 'True' == os.environ.get('AA_ENABLE_BLUE_MUMBLE', 'False')
 ENABLE_BLUE_IPBOARD = 'True' == os.environ.get('AA_ENABLE_BLUE_IPBOARD', 'False')
 ENABLE_BLUE_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_BLUE_TEAMSPEAK3', 'False')
 ENABLE_BLUE_DISCORD = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCORD', 'False')
+ENABLE_BLUE_IPS4 = 'True' == os.environ.get('AA_ENABLE_BLUE_IPS4', 'False')
 
 #########################
 # Corp Configuration
@@ -365,6 +379,15 @@ DISCORD_SERVER_ID = os.environ.get('AA_DISCORD_SERVER_ID', '')
 DISCORD_USER_EMAIL = os.environ.get('AA_DISCORD_USER_EMAIL', '')
 DISCORD_USER_PASSWORD = os.environ.get('AA_DISCORD_USER_PASSWORD', '')
 
+#####################################
+# IPS4 Configuration
+#####################################
+# IPS4_URL - base url of the IPS4 install (no trailing slash)
+# IPS4_API_KEY - API key provided by IPS4
+#####################################
+IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://mydomain.com/ips4')
+IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
+
 #####################################
 # Logging Configuration
 #####################################

alliance_auth/urls.py

@@ -137,6 +137,15 @@ urlpatterns = patterns('',
                        url(r'^deactivate_discord/$', 'services.views.deactivate_discord', name='auth_deactivate_discord'),
                        url(r'^reset_discord/$', 'services.views.reset_discord', name='auth_reset_discord'),
 
+                       # IPS4 Service Control
+                       url(r'^activate_ips4/$', 'services.views.activate_ips4',
+                           name='auth_activate_ips4'),
+                       url(r'^deactivate_ips4/$', 'services.views.deactivate_ips4',
+                           name='auth_deactivate_ips4'),
+                       url(r'^reset_ips4_password/$', 'services.views.reset_ips4_password',
+                           name='auth_reset_ips4_password'),
+                       url(r'^set_ips4_password/$', 'services.views.set_ips4_password', name='auth_set_ips4_password'),
+
                        # Tools
                        url(r'^tool/fleet_formatter_tool/$', 'services.views.fleet_formatter_view',
                            name='auth_fleet_format_tool_view'),

authentication/managers.py

@@ -121,3 +121,17 @@ class AuthServicesInfoManager:
             logger.info("Updated user %s discord info in authservicesinfo model." % user)
         else:
             logger.error("Failed to update user %s discord info: user does not exist." % user)
+
+    @staticmethod
+    def update_user_ips4_info(username, password, id, user):
+        if User.objects.filter(username=user.username).exists():
+            logger.debug("Updating user %s IPS4 info: username %s" % (user, username))
+            authserviceinfo = AuthServicesInfoManager.__get_or_create(user)
+            authserviceinfo.ips4_username = username
+            authserviceinfo.ips4_password = password
+            authserviceinfo.ips4_id = id
+            authserviceinfo.save(update_fields=['ips4_username', 'ips4_password', 'ips4_id'])
+            logger.info("Updated user %s IPS4 info in authservicesinfo model." % user)
+        else:
+            logger.error("Failed to update user %s IPS4 info: user does not exist." % user)
+

authentication/models.py

@@ -14,6 +14,9 @@ class AuthServicesInfo(models.Model):
     teamspeak3_uid = models.CharField(max_length=254, blank=True, default="")
     teamspeak3_perm_key = models.CharField(max_length=254, blank=True, default="")
     discord_uid = models.CharField(max_length=254, blank=True, default="")
+    ips4_username = models.CharField(max_length=254, blank=True, default="")
+    ips4_password = models.CharField(max_length=254, blank=True, default="")
+    ips4_id = models.CharField(max_length=254, blank=True, default="")
     main_char_id = models.CharField(max_length=64, blank=True, default="")
     is_blue = models.BooleanField(default=False)
     user = models.ForeignKey(User)

services/managers/ips4_manager.py

@@ -0,0 +1,110 @@
+import logging
+from django.conf import settings
+import requests
+import os
+from django.db import connections
+from passlib.hash import bcrypt
+from django.utils import timezone
+
+
+logger = logging.getLogger(__name__)
+
+class Ips4Manager:
+
+    SQL_ADD_USER = r"INSERT INTO core_members (name, email, members_pass_hash, members_pass_salt, " \
+                   r"member_group_id) VALUES (%s, %s, %s, %s, %s)"
+    SQL_GET_ID = r"SELECT member_id FROM core_members WHERE name = %s"
+    SQL_UPDATE_PASSWORD = r"UPDATE core_members SET members_pass_hash = %s, members_pass_salt = %s WHERE name = %s"
+    SQL_DEL_USER = r"DELETE FROM core_members WHERE member_id = %s"
+
+
+
+    MEMBER_GROUP_ID = 3
+
+
+    @staticmethod
+    def add_user(username, email):
+        logger.debug("Adding new IPS4 user %s" % username)
+        plain_password = Ips4Manager.__generate_random_pass()
+        hash = bcrypt.encrypt(plain_password, rounds=13)
+        hash_result = hash
+        rounds_striped = hash_result.strip('$2a$13$')
+        salt = rounds_striped[:22]
+        joined_date = timezone.now
+        group = Ips4Manager.MEMBER_GROUP_ID
+        cursor = connections['ips4'].cursor()
+        cursor.execute(Ips4Manager.SQL_ADD_USER, [username, email, hash, salt, group])
+        member_id = Ips4Manager.get_user_id(username)
+        return username, plain_password, member_id
+
+    @staticmethod
+    def get_user_id(username):
+        cursor = connections['ips4'].cursor()
+        cursor.execute(Ips4Manager.SQL_GET_ID, [username])
+        row = cursor.fetchone()
+        if row is not None:
+            logger.debug("Got user id %s for username %s" % (row[0], username))
+            return row[0]
+        else:
+            logger.error("username %s not found. Unable to determine id." % username)
+            return None
+
+    @staticmethod
+    def __generate_random_pass():
+        return os.urandom(8).encode('hex')
+
+
+    @staticmethod
+    def delete_user(id):
+        logger.debug("Deleting IPS4 user id %s" % id)
+        try:
+            cursor = connections['ips4'].cursor()
+            cursor.execute(Ips4Manager.SQL_DEL_USER, [id])
+            logger.info("Deleted IPS4 user %s" % id)
+            return True
+        except:
+            logger.exception("Failed to delete IPS4 user id %s" % id)
+            return False
+
+    @staticmethod
+    def update_user_password(username):
+        logger.debug("Updating IPS4 user id %s password" % id)
+        if Ips4Manager.check_user(username):
+            plain_password = Ips4Manager.__generate_random_pass()
+            hash = bcrypt.encrypt(plain_password, rounds=13)
+            hash_result = hash
+            rounds_striped = hash_result.strip('$2a$13$')
+            salt = rounds_striped[:22]
+            cursor = connections['ips4'].cursor()
+            cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
+            return plain_password
+        else:
+            logger.error("Unable to update ips4 user %s password" % username)
+            return ""
+
+    @staticmethod
+    def check_user(username):
+        logger.debug("Checking IPS4 username %s" % username)
+        cursor = connections['ips4'].cursor()
+        cursor.execute(Ips4Manager.SQL_GET_ID, [username])
+        row = cursor.fetchone()
+        if row:
+            logger.debug("Found user %s on IPS4" % username)
+            return True
+        logger.debug("User %s not found on IPS4" % username)
+        return False
+
+    @staticmethod
+    def update_custom_password(username, plain_password):
+        logger.debug("Updating IPS4 user id %s password" % id)
+        if Ips4Manager.check_user(username):
+            hash = bcrypt.encrypt(plain_password, rounds=13)
+            hash_result = hash
+            rounds_striped = hash_result.strip('$2a$13$')
+            salt = rounds_striped[:22]
+            cursor = connections['ips4'].cursor()
+            cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
+            return plain_password
+        else:
+            logger.error("Unable to update ips4 user %s password" % username)
+            return ""

services/views.py

@@ -14,6 +14,7 @@ from managers.mumble_manager import MumbleManager
 from managers.ipboard_manager import IPBoardManager
 from managers.teamspeak3_manager import Teamspeak3Manager
 from managers.discord_manager import DiscordManager
+from managers.ips4_manager import Ips4Manager
 from authentication.managers import AuthServicesInfoManager
 from eveonline.managers import EveManager
 from celerytask.tasks import update_jabber_groups
@@ -26,7 +27,6 @@ from forms import JabberBroadcastForm
 from forms import FleetFormatterForm
 from forms import DiscordForm
 from forms import ServicePasswordForm
-from forms import TeamspeakJoinForm
 from util import check_if_user_has_permission
 
 import threading
@@ -340,32 +340,12 @@ def activate_teamspeak3(request):
     if result[0] is not "":
         AuthServicesInfoManager.update_user_teamspeak3_info(result[0], result[1], request.user)
         logger.debug("Updated authserviceinfo for user %s with TS3 credentials. Updating groups." % request.user)
+        update_teamspeak3_groups.delay(request.user.pk)
         logger.info("Succesfully activated TS3 for user %s" % request.user)
-        return HttpResponseRedirect("/verify_teamspeak3/")
+        return HttpResponseRedirect("/services/")
     logger.error("Unsuccessful attempt to activate TS3 for user %s" % request.user)
     return HttpResponseRedirect("/dashboard")
 
-@login_required
-@user_passes_test(service_blue_alliance_test)
-def verify_teamspeak3(request):
-    logger.debug("verify_teamspeak3 called by user %s" % request.user)
-    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
-    if not authinfo.teamspeak3_uid:
-        logger.warn("Unable to validate user %s teamspeak: no teamspeak data" % request.user)
-        return HttpResponseRedirect("/services")
-    if request.method == "POST":
-        form = TeamspeakJoinForm(request.POST)
-        if form.is_valid():
-            update_teamspeak3_groups.delay(request.user.pk)
-            logger.debug("Validated user %s joined TS server")
-            return HttpResponseRedirect("/services/")
-    else:
-        form = TeamspeakJoinForm({'username':authinfo.teamspeak3_uid})
-    context = {
-        'form': form,
-        'authinfo': authinfo,
-    }
-    return render_to_response('registered/teamspeakjoin.html', context, context_instance=RequestContext(request))
 
 @login_required
 @user_passes_test(service_blue_alliance_test)
@@ -603,3 +583,80 @@ def set_ipboard_password(request):
     logger.debug("Rendering form for user %s" % request.user)
     context = {'form': form, 'service': 'IPBoard', 'error': error}
     return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request))
+
+@login_required
+@user_passes_test(service_blue_alliance_test)
+def activate_ips4(request):
+    logger.debug("activate_ips4 called by user %s" % request.user)
+    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
+    # Valid now we get the main characters
+    character = EveManager.get_character_by_id(authinfo.main_char_id)
+    logger.debug("Adding IPS4 user for user %s with main character %s" % (request.user, character))
+    result = Ips4Manager.add_user(character.character_name, request.user.email)
+    # if empty we failed
+    if result[0] != "":
+        AuthServicesInfoManager.update_user_ips4_info(result[0], result[1], result[2], request.user)
+        logger.debug("Updated authserviceinfo for user %s with IPS4 credentials." % request.user)
+        #update_ips4_groups.delay(request.user.pk)
+        logger.info("Succesfully activated IPS4 for user %s" % request.user)
+        return HttpResponseRedirect("/services/")
+    logger.error("Unsuccesful attempt to activate IPS4 for user %s" % request.user)
+    return HttpResponseRedirect("/dashboard")
+
+@login_required
+@user_passes_test(service_blue_alliance_test)
+def reset_ips4_password(request):
+    logger.debug("reset_ips4_password called by user %s" % request.user)
+    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
+    result = Ips4Manager.update_user_password(authinfo.ips4_username)
+    # false we failed
+    if result != "":
+        AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, id, request.user)
+        logger.info("Succesfully reset IPS4 password for user %s" % request.user)
+        return HttpResponseRedirect("/services/")
+    logger.error("Unsuccessful attempt to reset IPS4 password for user %s" % request.user)
+    return HttpResponseRedirect("/dashboard")
+
+@login_required
+@user_passes_test(service_blue_alliance_test)
+def set_ips4_password(request):
+    logger.debug("set_ips4_password called by user %s" % request.user)
+    error = None
+    if request.method == 'POST':
+        logger.debug("Received POST request with form.")
+        form = ServicePasswordForm(request.POST)
+        logger.debug("Form is valid: %s" % form.is_valid())
+        if form.is_valid():
+            password = form.cleaned_data['password']
+            logger.debug("Form contains password of length %s" % len(password))
+            authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
+            result = Ips4Manager.update_custom_password(authinfo.ips4_username, plain_password=password)
+            if result != "":
+                AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, authinfo.ips4_id, request.user)
+                logger.info("Succesfully reset IPS4 password for user %s" % request.user)
+                return HttpResponseRedirect("/services/")
+            else:
+                logger.error("Failed to install custom IPS4 password for user %s" % request.user)
+                error = "Failed to install custom password."
+        else:
+            error = "Invalid password provided"
+    else:
+        logger.debug("Request is not type POST - providing empty form.")
+        form = ServicePasswordForm()
+
+    logger.debug("Rendering form for user %s" % request.user)
+    context = {'form': form, 'service': 'IPS4', 'error': error}
+    return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request))
+
+@login_required
+@user_passes_test(service_blue_alliance_test)
+def deactivate_ips4(request):
+    logger.debug("deactivate_ips4 called by user %s" % request.user)
+    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
+    result = Ips4Manager.delete_user(authinfo.ips4_id)
+    if result != "":
+        AuthServicesInfoManager.update_user_ips4_info("", "", "", request.user)
+        logger.info("Succesfully deactivated IPS4 for user %s" % request.user)
+        return HttpResponseRedirect("/services/")
+    logger.error("Unsuccesful attempt to deactivate IPS4 for user %s" % request.user)
+    return HttpResponseRedirect("/dashboard")