Module: check_mk
Branch: master
Commit: 66d73a6e50e21c80cec16acdfa9a9ac61896756a
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=66d73a6e50e21c…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Fri Sep 28 15:58:35 2012 +0200
Enable automation login with _username= and _secret=
---
ChangeLog | 6 +++++-
web/htdocs/js/wato.js | 2 +-
web/htdocs/login.py | 14 ++++++++++++++
web/htdocs/wato.py | 2 +-
4 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index eb7f197..0a55ec1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,10 @@
1.2.1i2:
Event Console:
- * Moved source of Event Console into Check_MK project
+ * Moved source of Event Console into Check_MK project
+
+ Multisite:
+ * Enable automation login with _username= and _secret=, while
+ _secret is the content of var/check_mk/web/$USER/automation.secret
1.2.0p3:
Mulitisite
diff --git a/web/htdocs/js/wato.js b/web/htdocs/js/wato.js
index 4408194..76bf3be 100644
--- a/web/htdocs/js/wato.js
+++ b/web/htdocs/js/wato.js
@@ -506,7 +506,7 @@ function wato_replication_finish() {
function wato_randomize_secret(id, len) {
var secret = "";
for (var i=0; i<len; i++) {
- var c = parseInt((126-33) * Math.random() + 33);
+ var c = parseInt(26 * Math.random() + 64);
secret += String.fromCharCode(c);
}
var oInput = document.getElementById(id);
diff --git a/web/htdocs/login.py b/web/htdocs/login.py
index aff6fa1..4a48d9f 100644
--- a/web/htdocs/login.py
+++ b/web/htdocs/login.py
@@ -131,7 +131,21 @@ def check_auth_cookie(cookie_name):
# Return the authenticated username
return username
+def check_auth_automation():
+ secret = html.var("_secret").strip()
+ user = html.var("_username").strip()
+ del html.req.vars['_username']
+ del html.req.vars['_secret']
+ if secret and user and "/" not in user:
+ path = defaults.var_dir + "/web/" + user +
"/automation.secret"
+ if os.path.isfile(path) and file(path).read().strip() == secret:
+ return user
+ raise MKAuthException(_("Invalid automation secret for user %s") % user)
+
def check_auth():
+ if html.var("_secret"):
+ return check_auth_automation()
+
for cookie_name in html.get_cookie_names():
if cookie_name.startswith('auth_'):
try:
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index dba1728..b8624c2 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -7779,7 +7779,7 @@ def mode_edit_user(phase):
html.radiobutton("authmethod", "secret", is_automation,
_("Automation secret for machine accounts"))
html.write("<ul>")
- html.text_input("secret", user.get("automation_secret",
""), size=21,
+ html.text_input("secret", user.get("automation_secret",
""), size=30,
id="automation_secret")
html.write(" ")
html.write("<b style='position: relative; top: 4px;'>
")