def initLDAP():
    """Open the shared LDAP connection and bind it with the service account.

    Reads the module-level ``ldapHost``, ``ldapBindDN`` and ``ldapBindPass``
    and stores the new connection in the module-level ``ldapConn``.
    """
    global ldapConn, ldapBindDN, ldapBindPass

    connect_msg = 'Connecting to ldap at '+ldapHost
    print(connect_msg)
    # Published to the module global before the bind, so the connection
    # object is visible to callers even if the bind below does not succeed.
    ldapConn = ldapwrap.connect(ldapHost)

    bind_msg = 'Binding to LDAP as: '+ldapBindDN
    print(bind_msg)
    # NOTE(review): the result of bind() is discarded here, while login()
    # treats the same call's return value as success/failure. A failed
    # service bind would leave ldapConn set (so login() never retries) but
    # unauthenticated -- confirm whether ldapwrap.bind raises on failure.
    ldapwrap.bind(ldapConn, ldapBindDN, ldapBindPass)
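def login():
    """Serve the login form and authenticate POSTed credentials against LDAP.

    On POST the user entry is looked up with the shared service connection,
    then the supplied password is verified by binding as that entry's DN on
    a separate, short-lived connection. On success the flask-login session
    is created and the client is redirected to the ``next`` query parameter
    when it is a local path, otherwise to ``/paste/``.

    Returns the plain strings ``'User not found'`` or ``'Bad password'`` on
    failure, and the rendered ``login.html`` template for non-POST requests.
    """
    if request.method == 'POST':
        # Lazily create the shared service connection on first use.
        if ldapConn is None:
            print(ldapConn)
            initLDAP()

        # NOTE(review): request.form['user'] is untrusted and ends up in an
        # LDAP search filter. Whether ldapwrap.getUser escapes filter
        # metacharacters is not visible here -- confirm it does, otherwise
        # the lookup is open to LDAP filter injection.
        ldapuser = ldapwrap.getUser(ldapConn, base_dn, search_filter, request.form['user'])
        if ldapuser is None:
            # NOTE(review): this answer differs from the bad-password one,
            # which lets a client tell valid usernames from invalid ones.
            return 'User not found'

        # A simple bind with an empty password is an "unauthenticated bind"
        # (RFC 4513) that some directory servers report as successful, so it
        # must never count as a valid login. Rejected before contacting LDAP.
        password = request.form['pass']
        if not password:
            return 'Bad password'

        # Verify the password by binding as the user's own DN.
        # TODO: should just be able to auth against the password attrib?
        tmpConn = ldapwrap.connect(ldapHost)
        try:
            bound = ldapwrap.bind(tmpConn, ldapuser['dn'], password)
        finally:
            # Release the temporary connection on failure as well as success;
            # previously it was only closed after a good bind.
            tmpConn.unbind()
        if not bound:
            return 'Bad password'

        # Create the flask-login user object and log the user in.
        UserObj = User(ldapuser['cn'][0], ldapuser['uid'][0], active=True)
        login_user(UserObj)

        # ``next`` comes from the query string and is attacker-controllable.
        # Only follow it when it is a path on this site; anything else falls
        # back to the default landing page instead of redirecting off-site.
        next_url = request.args.get('next', '')
        is_local_path = (
            next_url.startswith('/')
            and not next_url.startswith(('//', '/\\'))
            and not any(ord(ch) < 0x20 for ch in next_url)
        )
        if is_local_path:
            return redirect(next_url)
        return redirect('/paste/')

    return render_template('login.html')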