Update LDAP, fix Windows AD login (#1697)
parent
2cd653c773
commit
e2be655d74
@ -38,6 +38,7 @@ def init_app(app, config):
|
||||
|
||||
app.config['LDAP_HOST'] = config.config_ldap_provider_url
|
||||
app.config['LDAP_PORT'] = config.config_ldap_port
|
||||
app.config['LDAP_CUSTOM_OPTIONS'] = {pyLDAP.OPT_REFERRALS, 0}
|
||||
if config.config_ldap_encryption == 2:
|
||||
app.config['LDAP_SCHEMA'] = 'ldaps'
|
||||
else:
|
||||
@ -54,15 +55,13 @@ def init_app(app, config):
|
||||
app.config['LDAP_USERNAME'] = ""
|
||||
app.config['LDAP_PASSWORD'] = base64.b64decode("")
|
||||
if bool(config.config_ldap_cert_path):
|
||||
# app.config['LDAP_REQUIRE_CERT'] = True
|
||||
# app.config['LDAP_CERT_PATH'] = config.config_ldap_cert_path
|
||||
app.config['LDAP_CUSTOM_OPTIONS'] = {
|
||||
app.config['LDAP_CUSTOM_OPTIONS'].update({
|
||||
pyLDAP.OPT_X_TLS_REQUIRE_CERT: pyLDAP.OPT_X_TLS_DEMAND,
|
||||
pyLDAP.OPT_X_TLS_CACERTFILE: config.config_ldap_cacert_path,
|
||||
pyLDAP.OPT_X_TLS_CERTFILE: config.config_ldap_cert_path,
|
||||
pyLDAP.OPT_X_TLS_KEYFILE: config.config_ldap_key_path,
|
||||
pyLDAP.OPT_X_TLS_NEWCTX: 0
|
||||
}
|
||||
})
|
||||
|
||||
app.config['LDAP_BASE_DN'] = config.config_ldap_dn
|
||||
app.config['LDAP_USER_OBJECT_FILTER'] = config.config_ldap_user_object
|
||||
@ -73,17 +72,11 @@ def init_app(app, config):
|
||||
app.config['LDAP_GROUP_OBJECT_FILTER'] = config.config_ldap_group_object_filter
|
||||
app.config['LDAP_GROUP_MEMBERS_FIELD'] = config.config_ldap_group_members_field
|
||||
|
||||
|
||||
try:
|
||||
_ldap.init_app(app)
|
||||
except ValueError:
|
||||
if bool(config.config_ldap_cert_path):
|
||||
app.config['LDAP_CUSTOM_OPTIONS'] = {
|
||||
pyLDAP.OPT_X_TLS_REQUIRE_CERT: pyLDAP.OPT_X_TLS_DEMAND,
|
||||
pyLDAP.OPT_X_TLS_CACERTFILE: config.config_ldap_cacert_path,
|
||||
pyLDAP.OPT_X_TLS_CERTFILE: config.config_ldap_cert_path,
|
||||
pyLDAP.OPT_X_TLS_KEYFILE: config.config_ldap_key_path,
|
||||
}
|
||||
app.config['LDAP_CUSTOM_OPTIONS'].pop(pyLDAP.OPT_X_TLS_NEWCTX)
|
||||
try:
|
||||
_ldap.init_app(app)
|
||||
except RuntimeError as e:
|
||||
|
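Review bot: `app.config['LDAP_CUSTOM_OPTIONS'] = {pyLDAP.OPT_REFERRALS, 0}` in the first hunk builds a set rather than a dict, because the comma makes it a set literal. The later `.update({...})` on that set keeps only the option keys and discards the values, so `OPT_X_TLS_REQUIRE_CERT: OPT_X_TLS_DEMAND` and the CA, certificate and key paths are not stored as option/value pairs, and `.pop(pyLDAP.OPT_X_TLS_NEWCTX)` in the `except ValueError` branch raises `TypeError` because `set.pop()` takes no argument. Write `{pyLDAP.OPT_REFERRALS: 0}`, and use `.pop(pyLDAP.OPT_X_TLS_NEWCTX, None)` so the retry also works when no certificate path is configured and the key was never added. The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts; `init_app` starts and ends outside the hunks shown.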