From 49b235e6f02896cee31eeb4aea35f761fb225dbb Mon Sep 17 00:00:00 2001 From: Dain Nilsson Date: Wed, 8 May 2013 12:05:32 +0200 Subject: [PATCH] Added db settings to auth. --- yubiadmin/apps/auth.py | 32 ++++++++++++++++++++++++++++---- yubiadmin/apps/val.py | 10 +++++----- 2 files changed, 33 insertions(+), 9 deletions(-) diff --git a/yubiadmin/apps/auth.py b/yubiadmin/apps/auth.py index 1afafb1..294a5a5 100644 --- a/yubiadmin/apps/auth.py +++ b/yubiadmin/apps/auth.py @@ -25,9 +25,7 @@ # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -from wtforms.fields import (SelectField, TextField, PasswordField, - BooleanField, IntegerField) -from wtforms.widgets import PasswordInput +from wtforms.fields import SelectField, TextField, BooleanField, IntegerField from wtforms.validators import NumberRange, URL from yubiadmin.util.app import App from yubiadmin.util.config import (python_handler, python_list_handler, @@ -61,6 +59,8 @@ auth_config = FileConfig( ('yubikey_id', python_handler('YUBIKEY_IDENTIFICATION', False)), ('use_hsm', python_handler('USE_HSM', False)), ('hsm_device', python_handler('YHSM_DEVICE', 'yhsm://localhost:5348')), + ('db_config', python_handler('DATABASE_CONFIGURATION', + 'sqlite:///:memory:')), ] ) @@ -122,6 +122,24 @@ class HSMForm(ConfigForm): hsm_device = TextField('YubiHSM device') +class DatabaseForm(ConfigForm): + legend = 'Database' + description = 'Settings for connecting to the database' + config = auth_config + attrs = {'db_config': {'class': 'input-xxlarge'}} + + db_config = TextField( + 'Connection String', + description=""" + SQLAlchemy connection string. For full details on syntax and supported + database engines, see this section of the SQLAlchemy documentation. + Example: postgresql://yubiauth:password@localhost/yubiauth + """ + ) + + class ValidationServerForm(ConfigForm): legend = 'Validation Servers' description = 'Configure servers used for YubiKey OTP validation' @@ -149,7 +167,7 @@ class YubiAuth(App): """ name = 'auth' - sections = ['general', 'validation', 'advanced'] + sections = ['general', 'database', 'validation', 'advanced'] def general(self, request): """ @@ -157,6 +175,12 @@ class YubiAuth(App): """ return self.render_forms(request, [SecurityForm(), HSMForm()]) + def database(self, request): + """ + Database + """ + return self.render_forms(request, [DatabaseForm()]) + def validation(self, request): """ Validation Server(s) diff --git a/yubiadmin/apps/val.py b/yubiadmin/apps/val.py index 9bdb8c1..98abc76 100644 --- a/yubiadmin/apps/val.py +++ b/yubiadmin/apps/val.py @@ -168,14 +168,14 @@ class SyncPoolForm(ConfigForm): sync_pool = ListField( 'Sync Pool URLs', [URL()], description=""" - List of URLs to other servers in the sync pool.
+ List of URLs to other servers in the sync pool. Example: http://example.com/wsapi/2.0/sync """) allowed_sync_pool = ListField( 'Allowed Sync IPs', [IPAddress()], description=""" List of IP-addresses of other servers that are allowed to sync with - this server.
+ this server. Example: 10.0.0.1 """) @@ -193,9 +193,9 @@ class KSMForm(ConfigForm): ksm_urls = ListField( 'KSM URLs', [URL()], description=""" - List of URLs to KSMs.
- The URLs must be fully qualified, i.e., contain the OTP itself.
- Example: http://example.com/wsapi/decrypt?otp=$otp
+ List of URLs to KSMs. + The URLs must be fully qualified, i.e., contain the OTP itself. + Example: http://example.com/wsapi/decrypt?otp=$otp More advanced OTP to KSM mapping is possible by manually editing the configuration file. """)