問題

小米的openfalcon在使用ldap首次登陸成功后,會在本地創(chuàng)建同名的賬號, 這就有個問題當你更新了ldap的密碼時,openfalcon是沒有同步本地賬號密碼的功能

二次改造

方便我們debug, 先把日志的debug打開,默認是沒有運行時日志的,只有console日志

# 編輯文件 dashboard/rrd/utils/logger.py ?? import?sys from rrd?import?config import?logging file_handler = logging.FileHandler(filename='/data1/dev/open-falcon/dashboard/var/running.log') formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s') file_handler.setFormatter(formatter) logging.getLogger().addHandler(file_handler) logging.getLogger().setLevel(logging.DEBUG)

添加兩個util方法?dashboard/rrd/view/utils.py

def get_Apitoken(name, password): ????d = {"name": name,?"password": password} ????h = {"Content-type":"application/json"} ????r = requests.post("%s/user/login"?%(config.API_ADDR,), \ ????????????data=json.dumps(d), headers=h) ????if?r.status_code !=?200: ????????raise Exception("%s %s"?%(r.status_code, r.text)) ????sig = json.loads(r.text)["sig"] ????return?json.dumps({"name":name,"sig":sig}) def get_user_id(name, Apitoken): ????h = {"Content-type":"application/json","Apitoken":Apitoken} ????r = requests.get("%s/user/name/%s"?%(config.API_ADDR,name), headers=h) ????if?r.status_code !=?200: ????????user_id = -1 ????????return?user_id ????user_id = json.loads(r.text)["id"] ????return?user_id

重構登陸函數(shù)

diff --git a/rrd/view/auth/auth.py b/rrd/view/auth/auth.py index c203c4c..a546b95?100644 --- a/rrd/view/auth/auth.py +++ b/rrd/view/auth/auth.py @@ -17,6?+17,7?@@ ?from flask?import?request, g, abort, render_template, redirect ?from flask.ext.babel?import?refresh ?import?requests +import?traceback ?import?json ?from rrd?import?app ?from rrd?import?config @@ -48,6?+49,7?@@ def auth_login(): ?????????if?ldap ==?"1": ?????????????try: ?????????????????ldap_info = view_utils.ldap_login_user(name, password) +??????????????? log.debug("ldap_info: %s"?%ldap_info) ?????????????????h = {"Content-type":"application/json"} ?????????????????d = { @@ -58,12?+60,20?@@ def auth_login(): ?????????????????????"phone": ldap_info['phone'], ?????????????????} -??????????????? r = requests.post("%s/user/create"?%(config.API_ADDR,), \ +??????????????? Apitoken = view_utils.get_Apitoken('admin',?'admin_password') +??????????????? user_id = view_utils.get_user_id(name, Apitoken) +??????????????? log.debug('apitoken:%s, user_id:%s'?%(Apitoken, user_id)) + +????????????????if?user_id >?0: +??????????????????? r = requests.put("%s/admin/change_user_passwd"?%(config.API_ADDR), data=json.dumps({"user_id":user_id,"passwor +??????????????????? log.debug('ldap login success and synchronize user password') +????????????????else: +??????????????????? r = requests.post("%s/user/create"?%(config.API_ADDR,), \ ?????????????????????????data=json.dumps(d), headers=h) -??????????????? log.debug("%s:%s"?%(r.status_code, r.text)) +??????????????????? log.debug("create user status %s:%s"?%(r.status_code, r.text)) -??????????????? #TODO: update password in db?if?ldap password changed ?????????????except Exception as e: +??????????????? log.debug(traceback.format_exc()) ?????????????????ret["msg"] = str(e) ?????????????????return?json.dumps(ret)

完

轉載于:https://www.cnblogs.com/txwsqk/p/9967510.html

總結

以上是生活随笔為你收集整理的falcon适配ldap密码同步的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內容還不錯，歡迎將生活随笔推薦給好友。