
Allow logins with fully qualified user names.

Markus 2016-03-21 23:35:11 +01:00
parent 59962f53a1
commit be26efa343
2 changed files with 9 additions and 4 deletions


@ -3,11 +3,12 @@ SECRET_KEY = "CHANGE!ME"
SESSION_TIMEOUT = 3600 SESSION_TIMEOUT = 3600
LDAP_URI = "ldaps://ldap.example.com" LDAP_URI = "ldaps://ldap.example.com"
LDAP_BASE = "ou=people,dc=example,dc=com" LDAP_BASE = "dc=example,dc=com"
USER_DN = "cn={user},ou=people,dc=example,dc=com"
ADMINS = [ "cn=admin,ou=people,dc=example,dc=com" ] ADMINS = [ "cn=admin,ou=people,dc=example,dc=com" ]
CREATE_DN = "cn={user},ou=people,dc=example,dc=com"
CREATE_ATTRS = { CREATE_ATTRS = {
'objectClass' : ['top', 'inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount'], 'objectClass' : ['top', 'inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount'],
'cn' : '{user}', 'cn' : '{user}',
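Review bot: With this sample config any entry under `dc=example,dc=com` can be submitted as a bind DN, because the new `LDAP_BASE` value is what login() (second file on this page) tests with `endswith` before using the submitted name verbatim; the old value limited the tree to `ou=people`. If only people entries should log in, keep the suffix narrow, and either way document the double role next to the setting, e.g. `# LDAP_BASE: a login name ending in this suffix is used unchanged as the bind DN`. `USER_DN` would benefit from a comment as well, e.g. `# USER_DN: {user} is replaced with the submitted login name (used by both login and create)`. The visible login() lines insert the form value without escaping DN special characters; validation may exist in the form class outside this page, otherwise `ldap.dn.escape_dn_chars` is the usual fix. The hunk header announces more lines than are shown here, so this covers only the visible settings.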


@ -85,7 +85,7 @@ def create():
'gn' : form.gn.data, 'gn' : form.gn.data,
'sn' : form.sn.data, 'sn' : form.sn.data,
} }
dn = app.config.get('CREATE_DN').format(**d) dn = app.config.get('USER_DN').format(**d)
attrs = {} attrs = {}
for k,v in app.config.get('CREATE_ATTRS').iteritems(): for k,v in app.config.get('CREATE_ATTRS').iteritems():
if type(v) == str: if type(v) == str:
@ -138,7 +138,11 @@ def login():
form = LoginForm() form = LoginForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = 'cn=' + form.user.data + ',' + app.config.get('LDAP_BASE','') user = ""
if form.user.data.endswith(app.config.get('LDAP_BASE','')):
user = form.user.data
else:
user = app.config.get('USER_DN').format(user=form.user.data)
pswd = form.pswd.data pswd = form.pswd.data
l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1')) l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
try: try: