2018-11-11 12:41:48 +00:00
|
|
|
"""passbook LDAP Authentication Backend"""
|
|
|
|
from django.contrib.auth.backends import ModelBackend
|
2019-10-11 11:53:48 +01:00
|
|
|
from django.http import HttpRequest
|
2019-10-01 09:24:10 +01:00
|
|
|
from structlog import get_logger
|
2018-11-11 12:41:48 +00:00
|
|
|
|
2020-05-16 15:02:42 +01:00
|
|
|
from passbook.sources.ldap.connector import Connector
|
|
|
|
from passbook.sources.ldap.models import LDAPSource
|
2018-11-11 12:41:48 +00:00
|
|
|
|
2019-10-04 09:08:53 +01:00
|
|
|
LOGGER = get_logger()
|
2018-11-11 12:41:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
class LDAPBackend(ModelBackend):
|
|
|
|
"""Authenticate users against LDAP Server"""
|
|
|
|
|
2019-10-11 11:53:48 +01:00
|
|
|
def authenticate(self, request: HttpRequest, **kwargs):
|
2018-11-11 12:41:48 +00:00
|
|
|
"""Try to authenticate a user via ldap"""
|
2019-12-31 11:51:16 +00:00
|
|
|
if "password" not in kwargs:
|
2018-11-11 12:41:48 +00:00
|
|
|
return None
|
2020-05-16 15:02:42 +01:00
|
|
|
for source in LDAPSource.objects.filter(enabled=True):
|
|
|
|
LOGGER.debug("LDAP Auth attempt", source=source)
|
|
|
|
_ldap = Connector(source)
|
2018-11-26 17:12:04 +00:00
|
|
|
user = _ldap.auth_user(**kwargs)
|
|
|
|
if user:
|
|
|
|
return user
|
|
|
|
return None
|