aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorB. Stack <bgstack15@gmail.com>2023-06-24 08:36:02 -0400
committerB. Stack <bgstack15@gmail.com>2023-06-24 08:36:02 -0400
commite1e3faaf7f88bad2215890a07aa015bbf12d6301 (patch)
treea696bcfc37ce7de2317c49b1cbbd806ff6e379d3
parentdisplay external-auth on user for admin edit-user page (diff)
downloadnewspipe-e1e3faaf7f88bad2215890a07aa015bbf12d6301.tar.gz
newspipe-e1e3faaf7f88bad2215890a07aa015bbf12d6301.tar.bz2
newspipe-e1e3faaf7f88bad2215890a07aa015bbf12d6301.zip
add ldap auth
-rw-r--r--README.md1
-rw-r--r--instance/config.py4
-rw-r--r--instance/sqlite.py4
3 files changed, 5 insertions, 4 deletions
diff --git a/README.md b/README.md
index d3883ef4..2813f69d 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,7 @@ https://www.newspipe.org
* detection of inactive feeds;
* share articles on Pinboard, Reddit and Twitter;
* management of bookmarks (with import from Pinboard).
+* Optional ldap authentication
## Deployment
diff --git a/instance/config.py b/instance/config.py
index af5fe9b9..81453d84 100644
--- a/instance/config.py
+++ b/instance/config.py
@@ -73,7 +73,7 @@ LOG_PATH = "./var/newspipe.log"
SELF_REGISTRATION = True
# Ldap, optional
-LDAP_ENABLED = True
+LDAP_ENABLED = False
LDAP_URI = "ldaps://ipa.internal.com:636"
LDAP_USER_BASE = "cn=users,cn=accounts,dc=ipa,dc=internal,dc=com"
LDAP_GROUP_BASE = "cn=groups,cn=accounts,dc=ipa,dc=internal,dc=com"
@@ -83,5 +83,5 @@ LDAP_USER_ATTRIB_MEMBEROF = "memberof"
LDAP_GROUP_DISPLAY_ATTRIB = "cn"
LDAP_BIND_DN = "uid=sampleuser,cn=users,cn=accounts,dc=ipa,dc=internal,dc=com"
LDAP_BIND_PASSWORD = "examplepassword"
-# Additional filter to restrict user lookup. If not equivalent to False, will be logical-anded to the user-match-attribute search filter.
+# Additional filter to restrict user lookup. If not equivalent to False (e.g., undefined), will be logical-anded to the user-match-attribute search filter.
LDAP_FILTER = "(memberOf=cn=newspipe-users,cn=groups,cn=accounts,dc=ipa,dc=internal,dc=com)"
diff --git a/instance/sqlite.py b/instance/sqlite.py
index abde387a..2fd2bed3 100644
--- a/instance/sqlite.py
+++ b/instance/sqlite.py
@@ -66,7 +66,7 @@ SELF_REGISTRATION = True
SQLALCHEMY_TRACK_MODIFICATIONS = False
# Ldap, optional
-LDAP_ENABLED = True
+LDAP_ENABLED = False
LDAP_URI = "ldaps://ipa.internal.com:636"
LDAP_USER_BASE = "cn=users,cn=accounts,dc=ipa,dc=internal,dc=com"
LDAP_GROUP_BASE = "cn=groups,cn=accounts,dc=ipa,dc=internal,dc=com"
@@ -76,5 +76,5 @@ LDAP_USER_ATTRIB_MEMBEROF = "memberof"
LDAP_GROUP_DISPLAY_ATTRIB = "cn"
LDAP_BIND_DN = "uid=sampleuser,cn=users,cn=accounts,dc=ipa,dc=internal,dc=com"
LDAP_BIND_PASSWORD = "examplepassword"
-# Additional filter to restrict user lookup. If not equivalent to False, will be logical-anded to the user-match-attribute search filter.
+# Additional filter to restrict user lookup. If not equivalent to False (e.g., undefined), will be logical-anded to the user-match-attribute search filter.
LDAP_FILTER = "(memberOf=cn=newspipe-users,cn=groups,cn=accounts,dc=ipa,dc=internal,dc=com)"
bgstack15