def _delete_string(self, key, value):
return self._delete_strings(key, [value,])
+ @lazy_property
+ def kerberos_attributes(self):
+ res = self.backend.accounts._query(
+ "(&(objectClass=krbPrincipal)(krbPrincipalName=%s@IPFIRE.ORG))" % self.uid,
+ attrlist=[
+ "krbLastSuccessfulAuth",
+ "krbLastPasswordChange",
+ "krbLastFailedAuth",
+ "krbLoginFailedCount",
+ ],
+ limit=1,
+ search_base="cn=krb5,%s" % self.backend.accounts.search_base)
+
+ for dn, attrs in res:
+ return { key : attrs[key][0] for key in attrs }
+
+ return {}
+
+ @staticmethod
+ def _parse_date(s):
+ return datetime.datetime.strptime(s.decode(), "%Y%m%d%H%M%SZ")
+
+ @property
+ def last_successful_authentication(self):
+ try:
+ s = self.kerberos_attributes["krbLastSuccessfulAuth"]
+ except KeyError:
+ return None
+
+ return self._parse_date(s)
+
+ @property
+ def last_failed_authentication(self):
+ try:
+ s = self.kerberos_attributes["krbLastFailedAuth"]
+ except KeyError:
+ return None
+
+ return self._parse_date(s)
+
+ @property
+ def failed_login_count(self):
+ try:
+ count = self.kerberos_attributes["krbLoginFailedCount"].decode()
+ except KeyError:
+ return 0
+
+ try:
+ return int(count)
+ except ValueError:
+ return 0
+
def passwd(self, password):
"""
Sets a new password
</div>
{% if current_user.is_admin() %}
- <p class="small text-muted">
- {{ _("Last Modified %s") % locale.format_date(account.modified_at) }}
- </p>
+ <ul class="list-unstyled small text-muted">
+ <li>
+ {{ _("Last Modified %s") % locale.format_date(account.modified_at) }}
+ </li>
+
+ {% if account.last_successful_authentication %}
+ <li>
+ {{ _("Last successful authentication: %s") % locale.format_date(account.last_successful_authentication) }}
+ </li>
+ {% end %}
+
+ {% if account.failed_login_count %}
+ <li class="text-warning">
+ {{ _("One unsuccessful authentication attempt.", "%(num)s unsuccessful authentication attempts.", account.failed_login_count) % { "num" : account.failed_login_count } }}
+
+ {% if account.last_failed_authentication %}
+ {{ _("Last attempt: %s") % locale.format_date(account.last_failed_authentication) }}
+ {% end %}
+ </li>
+ {% end %}
+ </ul>
{% end %}
{% end block %}