def authenticate(self, username, password):
        if self.username_template:
            user = self.username_template.substitute(username=username)
        else:
            user = username

        try:
            connection = Connection(self.url,
                                    user=user,
                                    password=password,
                                    authentication=SIMPLE,
                                    read_only=True,
                                    version=self.version)

            connection.bind()

            if connection.bound:
                connection.unbind()
                return True

            error = connection.last_error

        except Exception as e:
            error = str(e)

            if error not in KNOWN_REJECTIONS:
                LOGGER.exception("Error occurred while ldap authentication")

        if error in KNOWN_REJECTIONS:
            raise auth_base.AuthRejectedError("Invalid credentials")

        raise auth_base.AuthFailureError(error)
Beispiel #2
0
    def authenticate(self, request_handler):
        username = request_handler.get_argument('username')
        password = request_handler.get_argument('password')

        LOGGER.info('Logging in user ' + username)

        if self.username_template:
            full_username = self.username_template.substitute(
                username=username)
        else:
            full_username = username

        try:
            connection = Connection(self.url,
                                    user=full_username,
                                    password=password,
                                    authentication=SIMPLE,
                                    read_only=True,
                                    version=self.version)

            connection.bind()

            if connection.bound:
                try:
                    user_groups = self._fetch_user_groups(
                        username, full_username, connection)
                    LOGGER.info('Loaded groups for ' + username + ': ' +
                                str(user_groups))
                    self._set_user_groups(username, user_groups)
                except:
                    LOGGER.exception('Failed to load groups for the user ' +
                                     username)

                connection.unbind()
                return username

            error = connection.last_error

        except Exception as e:
            error = str(e)

            if error not in KNOWN_REJECTIONS:
                LOGGER.exception(
                    'Error occurred while ldap authentication of user ' +
                    username)

        if error in KNOWN_REJECTIONS:
            LOGGER.info('Invalid credentials for user ' + username)
            raise auth_base.AuthRejectedError('Invalid credentials')

        raise auth_base.AuthFailureError(error)
    def authenticate(self, request_handler):
        username = request_handler.get_argument('username')
        password = request_handler.get_argument('password')

        auth_error = auth_base.AuthRejectedError('Invalid credentials')

        if password is None:
            LOGGER.warning('Password was not provided for user ' + username)
            raise auth_error

        if not self.verifier.verify(username, password):
            raise auth_error

        return username