def login(): global ldapConn global ldapHost global search_filter global base_dn if request.method == 'POST': #search ldap for the username if ldapConn == None: print ldapConn initLDAP() ldapuser = ldapwrap.getUser(ldapConn, base_dn, search_filter, request.form['user']) if ldapuser != None: #found the user, try binding with that dn and supplied password #TODO: should just be able to auth against the password attrib? tmpConn = ldapwrap.connect(ldapHost) if ldapwrap.bind(tmpConn, ldapuser['dn'], request.form['pass']): #succesfully bound, good password! tmpConn.unbind() #Create the flask-login user object and log the user in UserObj = User(ldapuser['cn'][0], ldapuser['uid'][0], active=True) login_user(UserObj) next = request.args.get('next', '') if next: return redirect(next) else: return redirect('/paste/') else: return 'Bad password' else: return 'User not found' return render_template('login.html')
def initLDAP(): global ldapConn global ldapBindDN global ldapBindPass print 'Connecting to ldap at '+ldapHost ldapConn = ldapwrap.connect(ldapHost) print 'Binding to LDAP as: '+ldapBindDN ldapwrap.bind(ldapConn, ldapBindDN, ldapBindPass)