From 7eee46d06b2c93e81bf56817b3f5d4c04955c216 Mon Sep 17 00:00:00 2001 From: Michael Weimann Date: Wed, 15 Sep 2021 19:44:11 +0200 Subject: [PATCH] pass ldap environment variables --- app.py | 4 +++- ki/auth.py | 6 +++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/app.py b/app.py index 6f0ef7a..818502f 100644 --- a/app.py +++ b/app.py @@ -32,7 +32,9 @@ app.config["CORS_ORIGINS"] = os.getenv("CORS_ORIGINS", "*") app.config["KI_AUTH"] = os.getenv("KI_AUTH") app.config["KI_LDAP_URL"] = os.getenv("KI_LDAP_URL") -app.config["KI_LDAP_ROOT_DN"] = os.getenv("KI_LDAP_ROOT_DN") +app.config["KI_LDAP_AUTH_USER"] = os.getenv("KI_LDAP_AUTH_USER") +app.config["KI_LDAP_AUTH_PASSWORD"] = os.getenv("KI_LDAP_AUTH_PASSWORD") +app.config["KI_LDAP_BASE_DN"] = os.getenv("KI_LDAP_BASE_DN") CORS(app) db = SQLAlchemy(app) diff --git a/ki/auth.py b/ki/auth.py index 8b083bd..a542bee 100644 --- a/ki/auth.py +++ b/ki/auth.py @@ -60,7 +60,11 @@ def ldap_auth(username, password): return None if not connection.search(app.config['KI_LDAP_BASE_DN'], f"(&(objectClass=inetOrgPerson)(uid={escaped_username}))"): - app.logger.info(f"ldap search of {username} failed") + app.logger.info("ldap search failed") + return None + + if not connection.entries: + app.logger.info(f"no ldap search result for {username}") return None user_dn = connection.entries[0].entry_dn