forked from moepman/bk-dss
Allow logins with fully qualified user names.
This commit is contained in:
parent
59962f53a1
commit
be26efa343
@ -3,11 +3,12 @@ SECRET_KEY = "CHANGE!ME"
|
||||
SESSION_TIMEOUT = 3600
|
||||
|
||||
LDAP_URI = "ldaps://ldap.example.com"
|
||||
LDAP_BASE = "ou=people,dc=example,dc=com"
|
||||
LDAP_BASE = "dc=example,dc=com"
|
||||
|
||||
USER_DN = "cn={user},ou=people,dc=example,dc=com"
|
||||
|
||||
ADMINS = [ "cn=admin,ou=people,dc=example,dc=com" ]
|
||||
|
||||
CREATE_DN = "cn={user},ou=people,dc=example,dc=com"
|
||||
CREATE_ATTRS = {
|
||||
'objectClass' : ['top', 'inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount'],
|
||||
'cn' : '{user}',
|
||||
|
8
index.py
8
index.py
@ -85,7 +85,7 @@ def create():
|
||||
'gn' : form.gn.data,
|
||||
'sn' : form.sn.data,
|
||||
}
|
||||
dn = app.config.get('CREATE_DN').format(**d)
|
||||
dn = app.config.get('USER_DN').format(**d)
|
||||
attrs = {}
|
||||
for k,v in app.config.get('CREATE_ATTRS').iteritems():
|
||||
if type(v) == str:
|
||||
@ -138,7 +138,11 @@ def login():
|
||||
form = LoginForm()
|
||||
|
||||
if form.validate_on_submit():
|
||||
user = 'cn=' + form.user.data + ',' + app.config.get('LDAP_BASE','')
|
||||
user = ""
|
||||
if form.user.data.endswith(app.config.get('LDAP_BASE','')):
|
||||
user = form.user.data
|
||||
else:
|
||||
user = app.config.get('USER_DN').format(user=form.user.data)
|
||||
pswd = form.pswd.data
|
||||
l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
|
||||
try:
|
||||
|
Loading…
Reference in New Issue
Block a user