pass ldap environment variables

This commit is contained in:
weeman 2021-09-15 19:44:11 +02:00
parent 574ce1f982
commit 7eee46d06b
Signed by untrusted user: weeman
GPG Key ID: 34F0524D4DA694A1
2 changed files with 8 additions and 2 deletions

4
app.py
View File

@ -32,7 +32,9 @@ app.config["CORS_ORIGINS"] = os.getenv("CORS_ORIGINS", "*")
app.config["KI_AUTH"] = os.getenv("KI_AUTH") app.config["KI_AUTH"] = os.getenv("KI_AUTH")
app.config["KI_LDAP_URL"] = os.getenv("KI_LDAP_URL") app.config["KI_LDAP_URL"] = os.getenv("KI_LDAP_URL")
app.config["KI_LDAP_ROOT_DN"] = os.getenv("KI_LDAP_ROOT_DN") app.config["KI_LDAP_AUTH_USER"] = os.getenv("KI_LDAP_AUTH_USER")
app.config["KI_LDAP_AUTH_PASSWORD"] = os.getenv("KI_LDAP_AUTH_PASSWORD")
app.config["KI_LDAP_BASE_DN"] = os.getenv("KI_LDAP_BASE_DN")
CORS(app) CORS(app)
db = SQLAlchemy(app) db = SQLAlchemy(app)

View File

@ -60,7 +60,11 @@ def ldap_auth(username, password):
return None return None
if not connection.search(app.config['KI_LDAP_BASE_DN'], f"(&(objectClass=inetOrgPerson)(uid={escaped_username}))"): if not connection.search(app.config['KI_LDAP_BASE_DN'], f"(&(objectClass=inetOrgPerson)(uid={escaped_username}))"):
app.logger.info(f"ldap search of {username} failed") app.logger.info("ldap search failed")
return None
if not connection.entries:
app.logger.info(f"no ldap search result for {username}")
return None return None
user_dn = connection.entries[0].entry_dn user_dn = connection.entries[0].entry_dn