LDAP

1. LDAP_SERVER = 'ldaps://ldap.cs.prv'
2. LDAP_PORT = 636
3. LDAP_USE_SSL = True
4.  
5. ldap_server = Server(app.config['LDAP_SERVER'],
6. port=app.config['LDAP_PORT'],
7.                       use_ssl=app.config['LDAP_USE_SSL'], get_info=ALL)
8.  
9. def login_user(uid, password):
10.      result = False
11.      if uid is None or password is None:
12.          app.logger.debug("Invalid input: None is not allowed")
13.          return result
14.      create_user_if_absent(uid)  # if user was not logged before
15.      user = User.query.filter_by(uid=uid).first()
16.      if user is None:
17.          app.logger.debug("No such user {}".format(uid))
18.          return result
19.      try:
20.          c = Connection(ldap_server)
21.          c.bind()
22.          c.search(search_base="OU=people, DC=cs, DC=karelia, DC=ru",
23.                   search_filter="(uid={})".format(uid), attributes=[])
24.          if len(c.response) > 0:
25.              try:
26.                  if c.rebind(user=c.response[0]['dn'], password=password):
27.                      app.logger.debug("User {} succeed to authenticate
28. through LDAP".format(uid))
29.                      result = True
30.                  else:
31.                      app.logger.debug("User {} failed to authenticate
32. through LDAP".format(uid))
33.              except LDAPBindError as e:
34.                  app.logger.error('Error in LDAP rebind: %s', e)
35.          c.unbind()
36.      except LDAPException as e:
37.          app.logger.error("LDAP error: %s", e)
38.  
39.      if not result and user.password is not None:
40.          result = check_password_hash(user.password, password)
41.      return result