authentik/passbook/sources/ldap/auth.py

26 lines
828 B
Python
Raw Normal View History

2018-11-11 12:41:48 +00:00
"""passbook LDAP Authentication Backend"""
from django.contrib.auth.backends import ModelBackend
from django.http import HttpRequest
2019-10-01 09:24:10 +01:00
from structlog import get_logger
2018-11-11 12:41:48 +00:00
2019-10-10 16:36:09 +01:00
from passbook.sources.ldap.connector import Connector
2019-10-07 15:33:48 +01:00
from passbook.sources.ldap.models import LDAPSource
2018-11-11 12:41:48 +00:00
LOGGER = get_logger()
2018-11-11 12:41:48 +00:00
class LDAPBackend(ModelBackend):
"""Authenticate users against LDAP Server"""
def authenticate(self, request: HttpRequest, **kwargs):
2018-11-11 12:41:48 +00:00
"""Try to authenticate a user via ldap"""
2019-12-31 11:51:16 +00:00
if "password" not in kwargs:
2018-11-11 12:41:48 +00:00
return None
for source in LDAPSource.objects.filter(enabled=True):
LOGGER.debug("LDAP Auth attempt", source=source)
2019-10-10 16:36:09 +01:00
_ldap = Connector(source)
user = _ldap.auth_user(**kwargs)
if user:
return user
return None