Difference between revisions of "Python ldap"
(Created page with "https://flask-ldap3-login.readthedocs.io/en/latest/quick_start.html") |
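--- a/Python ldap
+++ b/Python ldap
@@ -1 +1,74 @@
 https://flask-ldap3-login.readthedocs.io/en/latest/quick_start.html
+```
+from flask_ldap3_login import LDAP3LoginManager
+from ldap3 import Tls
+import ssl
+
+config = dict()
+
+# Setup LDAP Configuration Variables. Change these to your own settings.
+# All configuration directives can be found in the documentation.
+
+# Hostname of your LDAP Server
+config['LDAP_HOST'] = 'ad.mydomain.com'
+
+# Port number of your LDAP server
+config['LDAP_PORT'] = 636
+
+# Base DN of your directory
+config['LDAP_BASE_DN'] = 'dc=mydomain,dc=com'
+
+# Users DN to be prepended to the Base DN
+config['LDAP_USER_DN'] = 'ou=users'
+
+# Groups DN to be prepended to the Base DN
+config['LDAP_GROUP_DN'] = 'ou=groups'
+
+
+# The RDN attribute for your user schema on LDAP
+config['LDAP_USER_RDN_ATTR'] = 'cn'
+
+# The Attribute you want users to authenticate to LDAP with.
+config['LDAP_USER_LOGIN_ATTR'] = 'mail'
+
+# The Username to bind to LDAP with
+config['LDAP_BIND_USER_DN'] = None
+
+# The Password to bind to LDAP with
+config['LDAP_BIND_USER_PASSWORD'] = None
+
+# Specify the server connection should use SSL
+config['LDAP_USE_SSL'] = True
+
+# Instruct Flask-LDAP3-Login to not automatically add the server
+config['LDAP_ADD_SERVER'] = False
+
+# Setup a LDAP3 Login Manager.
+ldap_manager = LDAP3LoginManager()
+
+# Init the mamager with the config since we aren't using an app
+ldap_manager.init_config(config)
+
+
+# Initialize a `Tls` context, and add the server manually. See
+# http://ldap3.readthedocs.io/ssltls.html for more information.
+tls_ctx = Tls(
+validate=ssl.CERT_REQUIRED,
+version=ssl.PROTOCOL_TLSv1,
+ca_certs_file='/path/to/cacerts',
+valid_names=[
+'ad.mydomain.com',
+]
+)
+
+ldap_manager.add_server(
+config.get('LDAP_HOST'),
+config.get('LDAP_PORT'),
+config.get('LDAP_USE_SSL'),
+tls_ctx=tls_ctx
+)
+
+# Check if the credentials are correct
+response = ldap_manager.authenticate('username', 'password')
+print(response.status)
+```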
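Review bot: The added `Tls(...)` call pins `version=ssl.PROTOCOL_TLSv1`, i.e. TLS 1.0, which RFC 8996 deprecates and which current OpenSSL builds often refuse at their default security level, so the example either fails to connect or runs the bind over a weak protocol. I would change that line to `version=ssl.PROTOCOL_TLS_CLIENT` so the highest version both ends support is negotiated; the certificate checks already configured (`validate=ssl.CERT_REQUIRED`, `ca_certs_file`, `valid_names`) should stay as they are. Separately, `LDAP_BIND_USER_DN` and `LDAP_BIND_USER_PASSWORD` are left as `None`, which presumably makes the user lookup an anonymous bind; a comment saying so, and recommending a read-only service account where the directory forbids anonymous search, would help readers.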
Revision as of 23:24, 4 May 2021
https://flask-ldap3-login.readthedocs.io/en/latest/quick_start.html
from flask_ldap3_login import LDAP3LoginManager
from ldap3 import Tls
import ssl
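# Stand-alone (no Flask app) use of Flask-LDAP3-Login: build a config dict,
# register one LDAPS server with an explicit TLS context, then check a single
# username/password pair against the directory.
config = {}

# Setup LDAP Configuration Variables. Change these to your own settings.
# All configuration directives can be found in the documentation.

# Hostname of your LDAP Server
config['LDAP_HOST'] = 'ad.mydomain.com'

# Port number of your LDAP server (636 is the conventional LDAPS port)
config['LDAP_PORT'] = 636

# Base DN of your directory
config['LDAP_BASE_DN'] = 'dc=mydomain,dc=com'

# Users DN to be prepended to the Base DN
config['LDAP_USER_DN'] = 'ou=users'

# Groups DN to be prepended to the Base DN
config['LDAP_GROUP_DN'] = 'ou=groups'

# The RDN attribute for your user schema on LDAP
config['LDAP_USER_RDN_ATTR'] = 'cn'

# The Attribute you want users to authenticate to LDAP with.
config['LDAP_USER_LOGIN_ATTR'] = 'mail'

# The Username / Password to bind to LDAP with for lookups.
# NOTE(review): with both left as None the lookup bind is presumably
# anonymous -- confirm the directory allows that, or supply a read-only
# service account loaded from the environment or a secret store rather than
# written into this file.
config['LDAP_BIND_USER_DN'] = None
config['LDAP_BIND_USER_PASSWORD'] = None

# Specify the server connection should use SSL
config['LDAP_USE_SSL'] = True

# Instruct Flask-LDAP3-Login to not automatically add the server; it is
# registered manually below so that the TLS context can be attached to it.
config['LDAP_ADD_SERVER'] = False

# Setup a LDAP3 Login Manager.
ldap_manager = LDAP3LoginManager()

# Init the manager with the config since we aren't using an app
ldap_manager.init_config(config)

# Initialize a `Tls` context, and add the server manually. See
# http://ldap3.readthedocs.io/ssltls.html for more information.
tls_ctx = Tls(
    # Refuse the connection unless the server presents a certificate that
    # chains to the CA bundle below.
    validate=ssl.CERT_REQUIRED,
    # Negotiate the highest TLS version both sides support. The previous
    # value, ssl.PROTOCOL_TLSv1, pinned TLS 1.0, which is deprecated
    # (RFC 8996) and rejected by many current servers and OpenSSL builds.
    version=ssl.PROTOCOL_TLS_CLIENT,
    ca_certs_file='/path/to/cacerts',
    # Names the server certificate is allowed to carry; keep in sync with
    # LDAP_HOST.
    valid_names=[
        'ad.mydomain.com',
    ],
)

ldap_manager.add_server(
    config.get('LDAP_HOST'),
    config.get('LDAP_PORT'),
    config.get('LDAP_USE_SSL'),
    tls_ctx=tls_ctx,
)

# Check if the credentials are correct. 'username' / 'password' are
# placeholders for values collected at runtime.
# NOTE(review): reject empty passwords before calling authenticate() -- an
# LDAP simple bind with an empty password is treated as an unauthenticated
# bind by some servers; confirm how the library handles that case.
response = ldap_manager.authenticate('username', 'password')
print(response.status)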