# python3 library
# Startdate: 2021-06-21
# Dependencies:
#    req-devuan: python3-ldap3

# reference: https://github.com/ArtemAngelchev/flask-basicauth-ldap/blob/master/flask_basicauth_ldap.py

import ldap3
from ldap3.core.exceptions import LDAPBindError, LDAPPasswordIsMandatoryError

def authenticated_user(server_uri, user_format, username, password):
   user = user_format.replace("%s",username)
   print(f"server_uri: {server_uri}")
   print(f"username: {username}")
   print(f"user_format: {user_format}")
   print(f"user: {user}")
   try:
      server = ldap3.Server(server_uri)
      conn = ldap3.Connection(server, auto_bind=True, user=user, password=password)
      return conn
   except LDAPBindError as e:
      if 'invalidCredentials' in str(e):
         print("Invalid credentials.")
         return False
      else:
         raise e
   #except (LDAPPasswordIsMandatoryError, LDAPBindError):
   #   print("Either an ldap password is required, or we had another bind error.")
   #   return False
   return False