From 55701c2d9f0b008970289fba54c13aa31e04bacb Mon Sep 17 00:00:00 2001
From: Magnus <magnus@fsmpi.rwth-aachen.de>
Date: Fri, 2 Oct 2020 23:04:08 +0200
Subject: [PATCH] handle unwanted symbols in login username

---
 ldap.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/ldap.py b/ldap.py
index dae4a3f..ef5430e 100644
--- a/ldap.py
+++ b/ldap.py
@@ -7,8 +7,9 @@ if 'LDAP_HOST' in config:
 	import ldap3
 
 	def ldapauth(user, password): # pylint: disable=function-redefined
-		user = LDAP_USERRE.sub(r'', user.lower())
-		try:
+		if(LDAP_USERRE.search(user)):
+			return {}, []
+		try: 
 			server = ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True)
 			conn = ldap3.Connection(server, 'fsmpi\\%s'%user, password, auto_bind=True, check_names=False)
 		except (ldap3.core.exceptions.LDAPBindError, ldap3.core.exceptions.LDAPPasswordIsMandatoryError):
@@ -26,7 +27,8 @@ else:
 	}
 
 	def ldapauth(user, password): # pylint: disable=function-redefined
-		user = LDAP_USERRE.sub(r'', user.lower())
+		if(LDAP_USERRE.search(user)):
+			return {}, []
 		if config.get('DEBUG') and user in NOTLDAP and password == NOTLDAP[user][0]:
 			return NOTLDAP[user][2], NOTLDAP[user][1]
 		return {}, []
-- 
GitLab