
Resolve "LDAP-Authentifizierung an Active Directory"

Merged Julian Rother requested to merge 295-ldap-authentifizierung-an-active-directory into master
Files
2
+ 10
24
@@ -152,24 +152,14 @@ if 'LDAP_HOST' in config:
@@ -152,24 +152,14 @@ if 'LDAP_HOST' in config:
def ldapauth(user, password):
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
user = LDAP_USERRE.sub(r'', user.lower())
try:
try:
conn = ldap3.Connection(ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True), 'uid=%s,ou=users,dc=fsmpi,dc=rwth-aachen,dc=de'%user, password, auto_bind=True)
conn = ldap3.Connection(ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True), 'fsmpi\\%s'%user, password, auto_bind=True, check_names=False)
groups = []
except ldap3.core.exceptions.LDAPBindError:
if conn.search("ou=groups,dc=fsmpi,dc=rwth-aachen,dc=de", "(&(cn=*)(memberUid=%s))"%user, attributes=['cn']):
return {}, []
groups = [e['attributes']['cn'][0] for e in conn.response]
conn.search("cn=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(cn=%s)"%user, attributes=['memberOf', 'givenName', 'sn'])
conn.unbind()
info = {'uid': user, 'givenName': conn.response[0]['attributes']['givenName'][0], 'sn': conn.response[0]['attributes']['sn'][0]}
return user, groups
groups = [g.split(',')[0].split('=')[-1] for g in conn.response[0]['attributes']['memberOf']]
except ldap3.core.exceptions.LDAPExceptionError:
conn.unbind()
return None, []
return info, groups
def ldapget(user):
user = LDAP_USERRE.sub(r'', user.lower())
conn = ldap3.Connection(ldap3.Server(config['LDAP_HOST'], port=config['LDAP_PORT'], use_ssl=True), auto_bind=True)
conn.search("ou=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(uid=%s)"%user,
attributes=ldap3.ALL_ATTRIBUTES)
if not conn.response:
return {}
e = conn.response[0]
return {'uid': user, 'givenName': e['attributes']['givenName'][0], 'sn':e['attributes']['sn'][0]}
else:
else:
notldap = {
notldap = {
@@ -180,9 +170,5 @@ else:
@@ -180,9 +170,5 @@ else:
def ldapauth(user, password):
def ldapauth(user, password):
user = LDAP_USERRE.sub(r'', user.lower())
user = LDAP_USERRE.sub(r'', user.lower())
if config.get('DEBUG') and user in notldap and password == notldap[user][0]:
if config.get('DEBUG') and user in notldap and password == notldap[user][0]:
return user, notldap[user][1]
return notldap[user][2], notldap[user][1]
return None, []
return {}, []
def ldapget(user):
user = LDAP_USERRE.sub(r'', user.lower())
return notldap[user][2]
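Review bot: In the first hunk, the new `ldapauth` reads `conn.response[0]['attributes']['givenName'][0]` without checking that the search returned an entry, so an account that binds but is not found under `cn=users`, or has no `givenName`/`sn`, would raise `IndexError`/`KeyError` in the login path and skip `conn.unbind()`. The handler was also narrowed from `LDAPExceptionError` to `LDAPBindError`; as far as I know ldap3 reports an unreachable server and an empty password with other exception classes, so those cases would now propagate instead of returning a failed login; if that is intended to separate outages from bad credentials, a comment saying so would help. The filter `"(cn=%s)"%user` relies entirely on `LDAP_USERRE`, which is defined outside this view, so escaping the value with `ldap3.utils.conv.escape_filter_chars` would make the search safe regardless of what that regex allows. The sketch below keeps the `{}, []` failure value and moves the unbind into a `finally`.

```python
    try:
        # … unchanged: conn = ldap3.Connection(...) bind from the hunk …
    except ldap3.core.exceptions.LDAPExceptionError:
        # rejected bind, empty password or unreachable server: no login
        return {}, []
    try:
        query = "(cn=%s)" % ldap3.utils.conv.escape_filter_chars(user)
        if not conn.search("cn=users,dc=fsmpi,dc=rwth-aachen,dc=de", query, attributes=['memberOf', 'givenName', 'sn']):
            return {}, []
        attrs = conn.response[0]['attributes']
        info = {'uid': user, 'givenName': attrs['givenName'][0], 'sn': attrs['sn'][0]}
        groups = [g.split(',')[0].split('=')[-1] for g in attrs['memberOf']]
    except (IndexError, KeyError, ldap3.core.exceptions.LDAPExceptionError):
        return {}, []
    finally:
        conn.unbind()
    return info, groups
```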