mirror of https://github.com/retspen/webvirtcloud synced 2024-12-24 23:25:24 +00:00

add ldap3 explanations for errors

catborise 2021-12-23 12:32:36 +03:00
parent 13f332c9a5
commit 9e832c2612
2 changed files with 7 additions and 7 deletions


@ -12,14 +12,13 @@ try:
class LdapAuthenticationBackend(ModelBackend): class LdapAuthenticationBackend(ModelBackend):
def get_LDAP_user(self, username, password, filterString): def get_LDAP_user(self, username, password, filterString):
print('get_LDAP_user') print('get_LDAP_user {}'.format(username))
try: try:
server = Server(settings.LDAP_URL, port=settings.LDAP_PORT, server = Server(settings.LDAP_URL, port=settings.LDAP_PORT,
use_ssl=settings.USE_SSL,get_info=ALL) use_ssl=settings.USE_SSL,get_info=ALL)
connection = Connection(server, connection = Connection(server,
settings.LDAP_MASTER_DN, settings.LDAP_MASTER_DN,
settings.LDAP_MASTER_PW, auto_bind=True) settings.LDAP_MASTER_PW, auto_bind=True)
connection.search(settings.LDAP_ROOT_DN, connection.search(settings.LDAP_ROOT_DN,
'(&({attr}={login})({filter}))'.format( '(&({attr}={login})({filter}))'.format(
attr=settings.LDAP_USER_UID_PREFIX, attr=settings.LDAP_USER_UID_PREFIX,
@ -31,11 +30,10 @@ try:
return None return None
specificUser = connection.response[0] specificUser = connection.response[0]
userDn = str(specificUser.get('raw_dn'),'utf-8') userDn = str(specificUser.get('raw_dn'),'utf-8')
with Connection(server, with Connection(server, userDn, password) as con:
userDn,
password) as con:
return username return username
except: except Exception as e:
print("LDAP Exception: {}".format(e))
return None return None
return None return None
@ -50,6 +48,7 @@ try:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None: if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None: if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None: if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
return None return None
else: else:
isStaff = True isStaff = True
@ -62,7 +61,7 @@ try:
attributes = UserAttributes.objects.get(user=user) attributes = UserAttributes.objects.get(user=user)
# TODO VERIFY # TODO VERIFY
except User.DoesNotExist: except User.DoesNotExist:
print("authenticate-create new user") print("authenticate-create new user: {}".format(username))
user = User(username=username) user = User(username=username)
user.is_active = True user.is_active = True
user.is_staff = isStaff user.is_staff = isStaff
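Review bot: The rewritten `with Connection(server, userDn, password) as con:` line in the second hunk still treats "no exception was raised" as proof that the password is correct, and nothing in the visible lines checks the bind result before `return username`. Whether a rejected bind raises inside the context manager depends on the ldap3 version and on `raise_exceptions`, and an empty password may go out as an anonymous bind that many directories accept. I would make the check explicit with `if not password: return None` ahead of the block and `if not con.bound: return None` inside it. Separately, the search filter built with `'(&({attr}={login})({filter}))'.format(` appears to take the login name unescaped (its argument sits in lines not shown between the first two hunks), and passing it through `ldap3.utils.conv.escape_filter_chars` first would keep filter metacharacters in a username from changing the query. The body of `get_LDAP_user` is only partly visible here, so both points should be confirmed against the full function.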


@ -268,6 +268,7 @@ LDAP_MASTER_PW = ''
LDAP_ROOT_DN = '' LDAP_ROOT_DN = ''
## Queries to identify the users, i use groupOfUniqueNames on openldap ## Queries to identify the users, i use groupOfUniqueNames on openldap
### PLEASE BE SURE memberOf overlay is activated on slapd
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org ## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
LDAP_SEARCH_GROUP_FILTER_ADMINS = '' LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org ## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org