Send reset password to LDAP server

2020-06-23 20:48:43 +00:00 · 2020-06-23 20:48:43 +00:00 · a6e1876b93
commit a6e1876b93
parent 5a2c022dfd
3 changed files with 23 additions and 6 deletions
--- a/apiserver/apiserver/api/serializers.py
+++ b/apiserver/apiserver/api/serializers.py
@ -7,7 +7,7 @@ from rest_framework import serializers
 from rest_framework.exceptions import ValidationError
 from rest_framework.validators import UniqueValidator
 from rest_auth.registration.serializers import RegisterSerializer
-from rest_auth.serializers import PasswordChangeSerializer, PasswordResetSerializer
+from rest_auth.serializers import PasswordChangeSerializer, PasswordResetSerializer, PasswordResetConfirmSerializer
 from rest_auth.serializers import UserDetailsSerializer
 import re

@ -437,6 +437,19 @@ class MyPasswordResetSerializer(PasswordResetSerializer):
            raise ValidationError('Not found.')
        return super().validate_email(email)

+class MyPasswordResetConfirmSerializer(PasswordResetConfirmSerializer):
+    def save(self):
+        data = dict(
+            username=self.user.username,
+            password1=self.data['new_password1'],
+        )
+
+        if utils_ldap.is_configured():
+            if utils_ldap.set_password(data) != 200:
+                raise ValidationError(dict(non_field_errors='Problem connecting to LDAP server: set.'))
+
+        super().save()
+

 class MemberCountSerializer(serializers.ModelSerializer):
    class Meta:
--- a/apiserver/apiserver/api/views.py
+++ b/apiserver/apiserver/api/views.py
@ -12,7 +12,7 @@ from rest_framework import viewsets, views, mixins, generics, exceptions
 from rest_framework.decorators import action, api_view
 from rest_framework.permissions import BasePermission, IsAuthenticated, SAFE_METHODS, IsAuthenticatedOrReadOnly
 from rest_framework.response import Response
-from rest_auth.views import PasswordChangeView, PasswordResetView
+from rest_auth.views import PasswordChangeView, PasswordResetView, PasswordResetConfirmView
 from rest_auth.registration.views import RegisterView
 from fuzzywuzzy import fuzz, process
 from collections import OrderedDict
@ -528,7 +528,10 @@ class PasswordChangeView(PasswordChangeView):
 class PasswordResetView(PasswordResetView):
    serializer_class = serializers.MyPasswordResetSerializer

+class PasswordResetConfirmView(PasswordResetConfirmView):
+    serializer_class = serializers.MyPasswordResetConfirmSerializer
+

@api_view()
-def null_view(request):
-    return Response(status=status.HTTP_400_BAD_REQUEST)
+def null_view(request, *args, **kwargs):
+    raise Http404
--- a/apiserver/apiserver/urls.py
+++ b/apiserver/apiserver/urls.py
@ -32,10 +32,11 @@ urlpatterns = [
    path(ADMIN_ROUTE, admin.site.urls),
    path('api-auth/', include('rest_framework.urls')),
    url(r'^password/reset/$', views.PasswordResetView.as_view(), name='rest_password_reset'),
-    url(r'^password-reset/confirm/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', views.null_view, name='password_reset_confirm'),
+    url(r'^password/reset/confirm/$', views.PasswordResetConfirmView.as_view(), name='password_reset_confirm'),
+    url(r'^password/reset/confirm/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', views.null_view, name='password_reset_confirm'),
+    url(r'^password/change/', views.PasswordChangeView.as_view(), name='rest_password_change'),
    url(r'^rest-auth/', include('rest_auth.urls')),
    url(r'^registration/', views.RegistrationView.as_view(), name='rest_name_register'),
-    url(r'^password/change/', views.PasswordChangeView.as_view(), name='rest_password_change'),
    url(r'^user/', views.UserView.as_view(), name='user'),
    url(r'^ping/', views.PingView.as_view(), name='ping'),
    url(r'^paste/', views.PasteView.as_view(), name='paste'),