def check_password(self, username, password):
user = self.find_user(userid=username)
if isinstance(user, LDAPUser):
# in case group settings changed either in auth_ldap settings OR on LDAP directory
if user.is_active and (self.settings.get([OU]) is None or len(
self.refresh_ldap_group_memberships_for(user)) > 0):
self.logger.debug("Checking %s password via LDAP" %
user.get_id())
client = self.ldap.get_client(user.distinguished_name,
password)
authenticated = client is not None
self.logger.debug(
"%s was %sauthenticated" %
(user.get_name(), "" if authenticated else "not "))
return authenticated
else:
self.logger.debug(
"%s is inactive or no longer a member of required groups" %
user.get_id())
else:
self.logger.debug("Checking %s password via users.yaml" %
user.get_name())
return FilebasedUserManager.check_password(self, user.get_name(),
password)
return False
def check_password(self, username, password):
user = self.find_user(userid=username)
self._logger.debug("%s is a %s" % (username, type(user)))
if isinstance(user, LDAPUser):
# in case group settings changed either in auth_ldap settings OR on LDAP directory
groups = self.group_filter(user.get_distinguished_name())
if user.is_active() and isinstance(groups, list):
self.changeUserGroups(user.get_name(), groups)
self._logger.debug("Checking %s password via LDAP" % user.get_name())
client = self.get_ldap_client(user.get_distinguished_name(), password)
return client is not None
else:
self._logger.debug("%s is inactive or no longer a member of required groups" % user.get_name())
else:
self._logger.debug("Checking %s password via users.yaml" % user.get_name())
return FilebasedUserManager.check_password(self, user.get_name(), password)
return False