def _return_django_user(self, dn, username, password, conn, block, attributes): user = self.lookup_existing_user(username, block, attributes) if user: log.debug('found existing user %r', user) else: user = LDAPUser(username=username) user.set_unusable_password() user.ldap_init(block, dn, password) self.populate_user(user, dn, username, conn, block, attributes) user.save() user.keep_pk = user.pk user.pk = 'persistent!{0}'.format(base64.b64encode(pickle.dumps(user))) user_login_success(user.get_username()) return user
def authenticate(self, username=None, password=None, realm=None, **kwargs): UserModel = get_user_model() if username is None: username = kwargs.get(UserModel.USERNAME_FIELD) if not username: return query = self.get_query(username, realm) users = UserModel.objects.filter(query) # order by username to make username without realm come before usernames with realms # i.e. "toto" should come before "*****@*****.**" users = users.order_by(UserModel.USERNAME_FIELD) for user in users: if user.check_password(password): user_login_success(user.get_username()) return user else: user_login_failure(user.get_username())
def authenticate(self, username=None, password=None, realm=None, **kwargs): UserModel = get_user_model() if username is None: username = kwargs.get(UserModel.USERNAME_FIELD) if not username: return query = self.get_query(username, realm) users = get_user_queryset().filter(query) # order by username to make username without realm come before usernames with realms # i.e. "toto" should come before "*****@*****.**" users = users.order_by('-is_active', UserModel.USERNAME_FIELD) for user in users: if user.check_password(password): user_login_success(user.get_username()) return user else: user_login_failure(user.get_username())
user_basedn) if block['replicas']: break continue except ldap.LDAPError, e: log.error('user lookup failed: with query %r got error ' '%s: %s', username, query, e) continue if not authz_ids: continue try: for authz_id in authz_ids: try: conn.simple_bind_s(authz_id, utf8_password) user_login_success(authz_id) break except ldap.INVALID_CREDENTIALS: user_login_failure(authz_id) pass else: log.debug('user bind failed: invalid credentials') if block['replicas']: break continue except ldap.NO_SUCH_OBJECT: # should not happen as we just searched for this object ! log.error('user bind failed: authz_id not found %r', ', '.join(authz_ids)) if block['replicas']: break return self._return_user(authz_id, password, conn, block)