sonicnkt / glauth-ui
Glauth management ui created with python/flask
License: MIT License
Hi sonicnkt :)
I am really happy with using glauth-ui for a project or two, but I noticed that it currently is not under a specific license. Are you planning on changing that?
Hello,
When I use a bind mount for the /home/ldap/db directory, I get an error that the database cannot be opened, before the initial database is even created. I've tried a populated folder (with config.cfg), and an empty one. This does not happen when I use a volume mount. My docker-compose.yml is as follows:
version: '3'
services:
  glauth:
    image: glauth/glauth
    container_name: glauth
    restart: unless-stopped
    ports:
      - 389:389
      - 636:636
    volumes:
      - $DOCKERDIR/swag/config/keys:/app/config/certs
      - $DOCKERDIR/glauth/config.cfg:/app/config/config.cfg
  glauthui:
    image: glauthui:latest
    container_name: glauth-ui
    restart: unless-stopped
    ports:
      - 9045:5000
    volumes:
      - $DOCKERDIR/glauth:/home/ldap/db
      - $SECRETSDIR/glauth:/secrets
    environment:
      - SECRET_KEY=<redacted>
      - MAIL_SERVER=smtp.gmail.com
      - MAIL_PORT=587
      - MAIL_USE_TLS=1
      - MAIL_USERNAME=
      - MAIL_PASSWORD=
      - MAIL_ADMIN=
Works if:
    volumes:
      - dockervolume:/home/ldap/db
Error:
[2021-04-20 20:56:31,397] INFO in __init__: Glauth UI
sqlite3.OperationalError: unable to open database file
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/home/ldap/venv/bin/flask", line 8, in <module>
sys.exit(main())
File "/home/ldap/venv/lib/python3.8/site-packages/flask/cli.py", line 967, in main
cli.main(args=sys.argv[1:], prog_name="python -m flask" if as_module else None)
File "/home/ldap/venv/lib/python3.8/site-packages/flask/cli.py", line 586, in main
return super(FlaskGroup, self).main(*args, **kwargs)
File "/home/ldap/venv/lib/python3.8/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/home/ldap/venv/lib/python3.8/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/home/ldap/venv/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/home/ldap/venv/lib/python3.8/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/home/ldap/venv/lib/python3.8/site-packages/click/decorators.py", line 21, in new_func
return f(get_current_context(), *args, **kwargs)
File "/home/ldap/venv/lib/python3.8/site-packages/flask/cli.py", line 426, in decorator
return __ctx.invoke(f, *args, **kwargs)
File "/home/ldap/venv/lib/python3.8/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/home/ldap/app/__init__.py", line 74, in createdbdata
if models.User.query.count() == 0:
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3803, in count
return self.from_self(col).scalar()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3523, in scalar
ret = self.one()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3490, in one
ret = self.one_or_none()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3459, in one_or_none
ret = list(self)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3535, in __iter__
return self._execute_and_instances(context)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3556, in _execute_and_instances
conn = self._get_bind_args(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3571, in _get_bind_args
return fn(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 3550, in _connection_from_session
conn = self.session.connection(**kw)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/session.py", line 1142, in connection
return self._connection_for_bind(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/session.py", line 1150, in _connection_for_bind
return self.transaction._connection_for_bind(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/orm/session.py", line 433, in _connection_for_bind
conn = bind._contextual_connect()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 2302, in _contextual_connect
self._wrap_pool_connect(self.pool.connect, None),
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 2339, in _wrap_pool_connect
Connection._handle_dbapi_exception_noconnection(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1583, in _handle_dbapi_exception_noconnection
util.raise_(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/util/compat.py", line 182, in raise_
raise exception
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 2336, in _wrap_pool_connect
return fn()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 364, in connect
return _ConnectionFairy._checkout(self)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 778, in _checkout
fairy = _ConnectionRecord.checkout(pool)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 495, in checkout
rec = pool._do_get()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/impl.py", line 241, in _do_get
return self._create_connection()
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 309, in _create_connection
return _ConnectionRecord(self)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 440, in __init__
self.__connect(first_connect_check=True)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 661, in __connect
pool.logger.debug("Error on connect(): %s", e)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/util/langhelpers.py", line 68, in __exit__
compat.raise_(
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/util/compat.py", line 182, in raise_
raise exception
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/pool/base.py", line 656, in __connect
connection = pool._invoke_creator(self)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/strategies.py", line 114, in connect
return dialect.connect(*cargs, **cparams)
File "/home/ldap/venv/lib/python3.8/site-packages/sqlalchemy/engine/default.py", line 508, in connect
return self.dbapi.connect(*cargs, **cparams)
sqlalchemy.exc.OperationalError: (sqlite3.OperationalError) unable to open database file
(Background on this error at: http://sqlalche.me/e/13/e3q8)
Am I dense and am missing something, or doing something wrong?
Thanks in advance!
Hi.
I recently installed a new GLAuth instance (Alpine 3.18, running & tested) with glauth-ui (latest). glauth-ui shows Login-Page. After Login I get "Internal Server Error" page.
Docker Logs:
glauthui | /home/ldap/app/__init__.py:23: UserWarning: For Bootstrap 4, please import and use "Bootstrap4" class, the "Bootstrap" class is deprecated and will be removed in 3.0. glauthui | bootstrap = Bootstrap(app) glauthui | [2023-06-18 08:51:23,040] INFO in __init__: Glauth UI glauthui | Traceback (most recent call last): glauthui | File "/home/ldap/venv/bin/flask", line 8, in <module> glauthui | sys.exit(main()) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 994, in main glauthui | cli.main(args=sys.argv[1:]) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 600, in main glauthui | return super().main(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1053, in main glauthui | rv = self.invoke(ctx) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1659, in invoke glauthui | return _process_result(sub_ctx.command.invoke(sub_ctx)) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1659, in invoke glauthui | return _process_result(sub_ctx.command.invoke(sub_ctx)) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1395, in invoke glauthui | return ctx.invoke(self.callback, **ctx.params) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 754, in invoke glauthui | return __callback(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/decorators.py", line 26, in new_func glauthui | return f(get_current_context(), *args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 444, in decorator glauthui | return __ctx.invoke(f, *args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 754, in invoke glauthui | return __callback(*args, **kwargs) glauthui | File 
"/home/ldap/venv/lib/python3.10/site-packages/flask_migrate/cli.py", line 149, in upgrade glauthui | _upgrade(directory, revision, sql, tag, x_arg) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_migrate/__init__.py", line 98, in wrapped glauthui | f(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_migrate/__init__.py", line 185, in upgrade glauthui | command.upgrade(config, revision, sql=sql, tag=tag) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/alembic/command.py", line 320, in upgrade glauthui | script.run_env() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/alembic/script/base.py", line 563, in run_env glauthui | util.load_python_file(self.dir, "env.py") glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/alembic/util/pyfiles.py", line 92, in load_python_file glauthui | module = load_module_py(module_id, path) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/alembic/util/pyfiles.py", line 108, in load_module_py glauthui | spec.loader.exec_module(module) # type: ignore glauthui | File "<frozen importlib._bootstrap_external>", line 883, in exec_module glauthui | File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed glauthui | File "/home/ldap/migrations/env.py", line 25, in <module> glauthui | str(current_app.extensions['migrate'].db.engine.url).replace('%', '%%')) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 998, in engine glauthui | return self.get_engine() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 1017, in get_engine glauthui | return connector.get_engine() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 594, in get_engine glauthui | self._engine = rv = self._sa.create_engine(sa_url, options) glauthui | File 
"/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 1027, in create_engine glauthui | return sqlalchemy.create_engine(sa_url, **engine_opts) glauthui | File "<string>", line 2, in create_engine glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/util/deprecations.py", line 309, in warned glauthui | return fn(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/engine/create.py", line 560, in create_engine glauthui | dbapi = dialect_cls.dbapi(**dbapi_args) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/dialects/mysql/mysqldb.py", line 163, in dbapi glauthui | return __import__("MySQLdb") glauthui | ModuleNotFoundError: No module named 'MySQLdb' glauthui | /home/ldap/app/__init__.py:23: UserWarning: For Bootstrap 4, please import and use "Bootstrap4" class, the "Bootstrap" class is deprecated and will be removed in 3.0. glauthui | bootstrap = Bootstrap(app) glauthui | [2023-06-18 08:51:23,920] INFO in __init__: Glauth UI glauthui | Traceback (most recent call last): glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/util/_collections.py", line 1008, in __call__ glauthui | return self.registry[key] glauthui | KeyError: <greenlet.greenlet object at 0x7f75895797c0 (otid=0x7f758720e9a0) current active started main> glauthui | glauthui | During handling of the above exception, another exception occurred: glauthui | glauthui | Traceback (most recent call last): glauthui | File "/home/ldap/venv/bin/flask", line 8, in <module> glauthui | sys.exit(main()) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 994, in main glauthui | cli.main(args=sys.argv[1:]) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 600, in main glauthui | return super().main(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1053, in main glauthui | rv = 
self.invoke(ctx) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1659, in invoke glauthui | return _process_result(sub_ctx.command.invoke(sub_ctx)) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 1395, in invoke glauthui | return ctx.invoke(self.callback, **ctx.params) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 754, in invoke glauthui | return __callback(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/decorators.py", line 26, in new_func glauthui | return f(get_current_context(), *args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask/cli.py", line 444, in decorator glauthui | return __ctx.invoke(f, *args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/click/core.py", line 754, in invoke glauthui | return __callback(*args, **kwargs) glauthui | File "/home/ldap/app/__init__.py", line 74, in createdbdata glauthui | if models.User.query.count() == 0: glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 552, in __get__ glauthui | return type.query_class(mapper, session=self.sa.session()) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/orm/scoping.py", line 47, in __call__ glauthui | sess = self.registry() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/util/_collections.py", line 1010, in __call__ glauthui | return self.registry.setdefault(key, self.createfunc()) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/orm/session.py", line 4195, in __call__ glauthui | return self.class_(**local_kw) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 176, in __init__ glauthui | bind = options.pop('bind', None) or db.engine glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", 
line 998, in engine glauthui | return self.get_engine() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 1017, in get_engine glauthui | return connector.get_engine() glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 594, in get_engine glauthui | self._engine = rv = self._sa.create_engine(sa_url, options) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/flask_sqlalchemy/__init__.py", line 1027, in create_engine glauthui | return sqlalchemy.create_engine(sa_url, **engine_opts) glauthui | File "<string>", line 2, in create_engine glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/util/deprecations.py", line 309, in warned glauthui | return fn(*args, **kwargs) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/engine/create.py", line 560, in create_engine glauthui | dbapi = dialect_cls.dbapi(**dbapi_args) glauthui | File "/home/ldap/venv/lib/python3.10/site-packages/sqlalchemy/dialects/mysql/mysqldb.py", line 163, in dbapi glauthui | return __import__("MySQLdb") glauthui | ModuleNotFoundError: No module named 'MySQLdb' glauthui | [2023-06-18 08:51:24 +0200] [1] [INFO] Starting gunicorn 20.1.0 glauthui | [2023-06-18 08:51:24 +0200] [1] [INFO] Listening at: http://0.0.0.0:5000 (1) glauthui | [2023-06-18 08:51:24 +0200] [1] [INFO] Using worker: sync glauthui | [2023-06-18 08:51:24 +0200] [9] [INFO] Booting worker with pid: 9 glauthui | /home/ldap/app/__init__.py:23: UserWarning: For Bootstrap 4, please import and use "Bootstrap4" class, the "Bootstrap" class is deprecated and will be removed in 3.0. glauthui | bootstrap = Bootstrap(app) glauthui | [2023-06-18 08:51:24,870] INFO in __init__: Glauth UI
What can I do to get it running well?
My SQL connection String in docker-compose.yml (tried all three):
DATABASE_URL=**mysql**://<myuser>:<mypassword>@<myIP>:3306/<mydatabase>
or
DATABASE_URL=**pymysq:**//<myuser>:<mypassword>@<myIP>:3306/<mydatabase>
or
DATABASE_URL=**mysql+pymysql**://<myuser>:<mypassword>@<myIP>:3306/<mydatabase>
Additional Info: there is no SQL query arriving at the database (on different server, permissions set correctly, manual query works)
Greeting,
Magnus
Realistically the user never needs to care about the secret key, it can be auto-generated during the first run. I think it makes sense to put it in the database and not the file system because that way if you use a distributed database backend like cockroachDb every node gets the same secret key and everything sort of just works.
import secrets
secret_key=secrets.token_urlsafe(50)
Is part of the standard library.
Just removes a little bit more friction when people set up the service for the first time.
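The first-run generation proposed in this issue, as an added example that is not code from glauth-ui or from the poster: the key is created once and stored in the database, so every worker or node that shares the database reads the same value. The `app_settings` table and the `get_or_create_secret_key` helper are hypothetical names, and sqlite3 stands in for whichever backend is configured.

```python
import os
import secrets
import sqlite3

SETTINGS_TABLE = "app_settings"  # hypothetical table name, not part of glauth-ui


def get_or_create_secret_key(conn, nbytes=50, environ=os.environ):
    """Return the Flask SECRET_KEY, generating and persisting it on first run."""
    # An explicitly configured key still wins, so existing deployments keep theirs.
    configured = environ.get("SECRET_KEY")
    if configured:
        return configured

    conn.execute(
        f"CREATE TABLE IF NOT EXISTS {SETTINGS_TABLE} ("
        " name TEXT PRIMARY KEY, value TEXT NOT NULL)"
    )
    candidate = secrets.token_urlsafe(nbytes)
    # INSERT OR IGNORE makes first-run races harmless: if another worker has
    # already stored a key, this candidate is silently discarded.
    with conn:
        conn.execute(
            f"INSERT OR IGNORE INTO {SETTINGS_TABLE} (name, value) "
            "VALUES ('secret_key', ?)",
            (candidate,),
        )
    # Always read back what is stored, never return the local candidate.
    row = conn.execute(
        f"SELECT value FROM {SETTINGS_TABLE} WHERE name = 'secret_key'"
    ).fetchone()
    return row[0]


if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    first = get_or_create_secret_key(db, environ={})
    again = get_or_create_secret_key(db, environ={})
    print("stable across calls:", first == again)
```

Anyone who can read this table can forge session cookies, so it needs the same access control as the stored password hashes.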
I added the following config option to solve issues using nginx as reverse proxy and serving the app in a subdirectory like subdomain.example.com/glauth:
SERVER_NAME = os.environ.get('BASE_URL')
I still can't get this to work tho and am only getting 404 errors when trying to access anything.
Any help on this would be very much appreciated :)
I tried:
server {
    listen 443 ssl http2;
    server_name subdomain.example.com;
    include /etc/nginx/ssl-stuff.conf;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    client_max_body_size 100M;
    location ~/glauth(.*) {
        proxy_pass http://127.0.0.1:3005$1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
    }
}
as well as
    location /glauth/ {
        proxy_pass http://127.0.0.1:3005$1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
    }
Setting the SERVER_NAME to subdomain.example.com/glauth makes all the links look correct but it still results in 404 errors. Without the subdirectory everything works without any issues even without the server_name set.
The issue is probably with some of the proxy_header settings but I don't have much experience with this.
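A WSGI application takes its URL prefix from `SCRIPT_NAME`, while Flask's `SERVER_NAME` carries only host and port, which is why a path placed in `SERVER_NAME` changes generated links without changing routing. The middleware below is an added example, not code from glauth-ui or from the post above; `PrefixMiddleware`, `demo_app` and `request` are hypothetical names, and it assumes nginx forwards the unmodified `/glauth/...` path (a `proxy_pass` with no URI part).

```python
class PrefixMiddleware:
    """Mount a WSGI app under a URL prefix such as /glauth."""

    def __init__(self, app, prefix):
        self.app = app
        self.prefix = "/" + prefix.strip("/")

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO", "")
        # Match on a path-segment boundary so /glauthx is not treated as /glauth.
        if path == self.prefix or path.startswith(self.prefix + "/"):
            # Move the prefix from PATH_INFO to SCRIPT_NAME: routing then sees
            # /users, while URL generation prepends /glauth again.
            environ["SCRIPT_NAME"] = environ.get("SCRIPT_NAME", "") + self.prefix
            environ["PATH_INFO"] = path[len(self.prefix):] or "/"
            return self.app(environ, start_response)
        start_response("404 Not Found", [("Content-Type", "text/plain")])
        return [b"not found"]


def demo_app(environ, start_response):
    """Stand-in for the Flask app: reports the routed path and a generated link."""
    link = environ.get("SCRIPT_NAME", "") + "/login"
    body = f"path={environ['PATH_INFO']} link={link}"
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [body.encode()]


def request(app, path):
    """Drive a WSGI app with a constructed GET request; return (status, body)."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path, "SCRIPT_NAME": ""}
    body = b"".join(app(environ, start_response)).decode()
    return captured["status"], body


if __name__ == "__main__":
    mounted = PrefixMiddleware(demo_app, "/glauth")
    for p in ("/glauth/users", "/glauth", "/users"):
        print(p, "->", request(mounted, p))
```

With a Flask app, the same wrapper is applied as `app.wsgi_app = PrefixMiddleware(app.wsgi_app, "/glauth")`.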
Hi Nils,
I would like to check whether you are still actively working on this project. This is a very nice addition to the GLAuth ecosystem so I hope you are! ;)
At the moment web browsers offer autofill for all password forms in the app.
This should be disabled for the admin interface, change password form (new password), reset password form and new account form.
If you change the UID of an existing user that is associated with groups already, the appropriate tables are not updated to ensure the new UID is a member of all the groups.
Steps to reproduce:
At this point, the user will no longer be a member of GROUPA.
This is the one I came up with
version: '3.7'
services:
  ui:
    image: glauthui:latest
    container_name: glauthui
    restart: unless-stopped
    ports:
      - 801:5000
    volumes:
      # Mount Folder that contains DB and config file outside the container
      - 'glauth:/home/ldap/db'
    environment:
      - SECRET_KEY=mysuperlongsecretkeythatnobodywillguess
      # MAIL CONFIG
      #- MAIL_SERVER=mail.example.com
      #- MAIL_PORT=587
      #- MAIL_USE_TLS=1
      #- MAIL_USERNAME=username
      #- MAIL_PASSWORD=password
      #- [email protected]
  glauth:
    image: glauth/glauth
    command: glauth -c /config/
volumes:
  glauth:
Should make it easier for people to get set up. I'm not sure I have it set up properly though.
Is that a feature you'd be interested in including in this project? The lepture/authlib project looks like it would be a good place to start. A lot of apps are able to get user data from OAuth, and covering both LDAP and OAuth covers a large segment of potential downstream apps.
It would also be nice to support OpenID Connect once authlib's support for it is in stable.
The Glauth settings tab is missing two values (nameformat and groupformat) under the "backend" section:
[backend]
datastore = "config"
baseDN = "dc=glauth,dc=com"
nameformat = "uid"
groupformat = "cn"
Please add those two options to the Glauth settings page.
Thanks!
I have an existing glauth environment that I would like to manage with glauth-ui. It's using just the config file. I don't quite understand from the README but it seems that when you set this up, you create a blank glauth environment then this exports a .cfg which can be used. Is it possible to import from an existing glauth environment?