26 lines
830 B
Python
26 lines
830 B
Python
"""passbook LDAP Authentication Backend"""
|
|
from django.contrib.auth.backends import ModelBackend
|
|
from django.http import HttpRequest
|
|
from structlog import get_logger
|
|
|
|
from passbook.channels.in_ldap.connector import Connector
|
|
from passbook.channels.in_ldap.models import LDAPInlet
|
|
|
|
LOGGER = get_logger()
|
|
|
|
|
|
class LDAPBackend(ModelBackend):
|
|
"""Authenticate users against LDAP Server"""
|
|
|
|
def authenticate(self, request: HttpRequest, **kwargs):
|
|
"""Try to authenticate a user via ldap"""
|
|
if "password" not in kwargs:
|
|
return None
|
|
for inlet in LDAPInlet.objects.filter(enabled=True):
|
|
LOGGER.debug("LDAP Auth attempt", inlet=inlet)
|
|
_ldap = Connector(inlet)
|
|
user = _ldap.auth_user(**kwargs)
|
|
if user:
|
|
return user
|
|
return None
|