ldap3-authentication works now with fet server

2020-09-02 23:41:05 +00:00
parent be572eedeb
commit ee2c846a41
2 changed files with 21 additions and 13 deletions
--- a/fet2020/authentications/authentications.py
+++ b/fet2020/authentications/authentications.py
@@ -1,27 +1,35 @@
 import ldap3
+import logging
+from ldap3.core.exceptions import LDAPBindError
+
+logger = logging.getLogger(__name__)


 def authentication(username, password):
    # no empty passwords
    if password is None or password.strip() == "":
-        # messages.info("username:%s Login denied for blank password", username)
        return None

    # username format
-    new_username = 'uid={username}, cn=users, cn=accounts, dc=demo1, dc=freeipa, dc=org'
+    new_username = 'uid={username},ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at'
    userdn = new_username.format(username=username)

-    server_uri = 'ipa.demo1.freeipa.org'
-    server = ldap3.Server(server_uri, get_info=ldap3.ALL)
+    server_uri = 'ldap://gagarin.fet.htu.tuwien.ac.at'
+    server = ldap3.Server(server_uri, port=389, use_ssl=True)
+
+    has_user = False

    try:
-        ldap3.Connection(
-            server,
-            userdn,
-            password,
-            auto_bind=True,
-        )
-    except ldap3.core.exceptions.LDAPBindError:
+        conn = ldap3.Connection(server, user=userdn, password=password, auto_bind=True)
+        conn.search('dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at', '(objectclass=person)')
+        for user in sorted(conn.entries):
+            if ("DN: uid=" + str(username.lower())) in str(user):
+                has_user = True
+    except LDAPBindError as e:
+        logger.info('Username does not exist. Error: {}'.format(e))
+        username = None
+
+    if not has_user:
        username = None

    return username
--- a/fet2020/authentications/views.py
+++ b/fet2020/authentications/views.py
@@ -17,9 +17,9 @@ def loginPage(request):

        if auth_user is not None:
            try:
-                user = User.objects.get(username=username)
+                user = User.objects.get(username=auth_user.lower())
            except User.DoesNotExist:
-                user = User.objects.create_user(auth_user)
+                user = User.objects.create_user(auth_user.lower())

            login(request, user)
            return redirect('home')