From 1c5123a2b47006e59739959ab67b51129d39a761 Mon Sep 17 00:00:00 2001 From: "B. Stack" Date: Mon, 21 Jun 2021 16:52:56 -0400 Subject: add ldap support --- session_ldap.py | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 session_ldap.py (limited to 'session_ldap.py') diff --git a/session_ldap.py b/session_ldap.py new file mode 100644 index 0000000..b478ef5 --- /dev/null +++ b/session_ldap.py @@ -0,0 +1,30 @@ +# python3 library +# Startdate: 2021-06-21 +# Dependencies: +# req-devuan: python3-ldap3 + +# reference: https://github.com/ArtemAngelchev/flask-basicauth-ldap/blob/master/flask_basicauth_ldap.py + +import ldap3 +from ldap3.core.exceptions import LDAPBindError, LDAPPasswordIsMandatoryError + +def authenticated_user(server_uri, user_format, username, password): + user = user_format.replace("%s",username) + print(f"server_uri: {server_uri}") + print(f"username: {username}") + print(f"user_format: {user_format}") + print(f"user: {user}") + try: + server = ldap3.Server(server_uri) + conn = ldap3.Connection(server, auto_bind=True, user=user, password=password) + return conn + except LDAPBindError as e: + if 'invalidCredentials' in str(e): + print("Invalid credentials.") + return False + else: + raise e + #except (LDAPPasswordIsMandatoryError, LDAPBindError): + # print("Either an ldap password is required, or we had another bind error.") + # return False + return False -- cgit