Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import ldap
- import settings
- from django.contrib.auth.models import User
- class LdapBackend:
- def authenticate(self, username=None, password=None):
- base = settings.AUTH_LDAP_BASE_DN
- filter = '(&(objectclass=person) (uid=%s))' % username
- ret = ['dn', 'mail']
- try:
- l = ldap.initialize(settings.AUTH_LDAP_SERVER_URI)
- l.protocol_version = ldap.VERSION3
- except ldap.LDAPError:
- return None
- try:
- result_id = l.search(base, ldap.SCOPE_SUBTREE, filter, ret)
- result_type, result_data = l.result(result_id, 0)
- if (len(result_data) != 1):
- return None
- l.simple_bind_s(result_data[0][0], password)
- try:
- user = User.objects.get(username__exact=username)
- except:
- user = User.objects.create_user(username, result_data[0][1]['mail'][0])
- user.is_staff = False
- user.save()
- return user
- except ldap.INVALID_CREDENTIALS:
- return None
- def get_user(self, user_id):
- try:
- return User.objects.get(pk=user_id)
- except User.DoesNotExist:
- return None
Add Comment
Please, Sign In to add comment