diff --git a/server.py b/server.py
index cbe7048588da881a6886fc045d4d5de4b84bccac..eaf2fc2d8d419800a6e8976db4f0a9b44deb1012 100755
--- a/server.py
+++ b/server.py
@@ -1,8 +1,10 @@
 #!/bin/python
-from flask import Flask, render_template, g, request, url_for, redirect
+from flask import Flask, render_template, g, request, url_for, redirect, session
 import mysql.connector
 import sqlite3
 import os
+import ldap3
+import re
 
 app = Flask(__name__)
 config = app.config
@@ -34,7 +36,7 @@ def dict_factory(cursor, row):
 	d = {}
 	for idx, col in enumerate(cursor.description):
 		if type(row[idx]) == str:
-			d[col[0].split('.')[-1]] = row[idx].replace('\\n','\n')
+			d[col[0].split('.')[-1]] = row[idx].replace('\\n','\n').replace('\\r','\r')
 		else:
 			d[col[0].split('.')[-1]] = row[idx]
 	return d
@@ -71,6 +73,23 @@ def searchquery(text, columns, match, tables, suffix, *suffixparams):
 	expr = 'SELECT *,SUM(_prio) AS _score FROM (%s) AS _tmp %s'%(' UNION '.join(subexprs), suffix)
 	return query(expr, *params, *suffixparams)
 
+LDAP_USERRE = re.compile(r'[^a-z0-9]')
+def ldapauth(user, password):
+	notldap = {'videoag':('videoag', ['users','videoag']), 'gustav':('passwort', ['users'])}
+	user = LDAP_USERRE.sub(r'', user.lower())
+	if 'LDAP_HOST' in config:
+		try:
+			conn = ldap3.Connection(config['LDAP_HOST'], 'uid=%s,ou=users,dc=fsmpi,dc=rwth-aachen,dc=de'%user, password, auto_bind=True)
+			if conn.search("ou=groups,dc=fsmpi,dc=rwth-aachen,dc=de", "(&(cn=*)(memberUid=%s))"%user, attributes=['cn']):
+				groups = [e.cn.value for e in conn.entries]
+			conn.unbind()
+			return user, groups
+		except ldap3.core.exceptions.LDAPBindError:
+			pass
+	elif config.get('DEBUG') and user in notldap and password == notldap[user][0]:
+		return user, notldap[user][1]
+	return None, []
+
 @app.route('/')
 def index():
 	return render_template('index.html', latestvideos=query('''