fix backend name (collision with libraries name)

2025-07-04 20:37:48 +02:00 · 2015-05-21 08:52:06 +02:00 · 2015-05-21 08:52:06 +02:00 · 1ac474647b
commit 1ac474647b
parent b67e0112c5
2 changed files with 6 additions and 5 deletions
--- a/ldapcherry/backend/backendLdap.py
+++ b/ldapcherry/backend/backendLdap.py
@ -0,0 +1,104 @@
+# -*- coding: utf-8 -*-
+# vim:set expandtab tabstop=4 shiftwidth=4:
+#
+# The MIT License (MIT)
+# LdapCherry
+# Copyright (c) 2014 Carpentier Pierre-Francois
+
+import cherrypy
+import ldap
+import logging
+import ldapcherry.backend
+
+class Backend(ldapcherry.backend.Backend):
+
+    def __init__(self, config, logger):
+        self.config = config
+        self._logger = logger
+
+    def auth(self, username, password):
+
+        binddn = get_user(username)
+        if binddn:
+            ldap_client = self._connect()
+            try:
+                ldap_client.simple_bind_s(binddn, password)
+            except ldap.INVALID_CREDENTIALS:
+                ldap_client.unbind_s()
+                return False
+            ldap_client.unbind_s()
+            return True
+        else:
+            return False
+
+    def add_to_group(self):
+        pass
+
+    def set_attrs(self, attrs):
+        pass
+
+    def rm_from_group(self):
+        pass
+
+    def add_user(self, username):
+        pass
+
+    def del_user(self, username):
+        pass
+
+    def get_user(self, username):
+        ldap_client = self._connect()
+        try:
+            ldap_client.simple_bind_s(self.binddn, self.bindpassword)
+        except ldap.INVALID_CREDENTIALS:
+            self._logger(
+                    logging.ERROR,
+                    "Configuration error, wrong credentials, unable to connect to ldap with '" + self.config['binddn'] + "'"
+                )
+            raise cherrypy.HTTPError("500", "Configuration Error, contact administrator")
+        except ldap.SERVER_DOWN:
+            self._logger(
+                    logging.ERROR,
+                    "Unable to contact ldap server '" + self.config['uri'] + "', check 'auth.ldap.uri' and ssl/tls configuration"
+                )
+            return False
+
+        user_filter = self.config['user_filter_tmpl'] % {
+            'login': username
+            }
+
+        r = ldap_client.search_s(self.userdn,
+                ldap.SCOPE_SUBTREE,
+                user_filter
+                 )
+        if len(r) == 0:
+            ldap_client.unbind_s()
+            return False
+
+        dn_entry = r[0][0]
+        return dn_entry
+
+    def _connect(self):
+        ldap_client = ldap.initialize(self.config['uri'])
+        ldap_client.set_option(ldap.OPT_REFERRALS, 0)
+        if self.config['starttls'] == 'on':
+           ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
+        if self.config['starttls'] == 'on':
+            ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
+        if self.config['ca']:
+            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.config['ca'])
+        if self.config['checkcert'] == 'off':
+            ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
+        else:
+            ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND)
+
+        if self.config['starttls'] == 'on':
+            try:
+                ldap_client.start_tls_s()
+            except ldap.OPERATIONS_ERROR:
+                self._logger(
+                    logging.ERROR,
+                    "cannot use starttls with ldaps:// uri (uri: " + self.config['uri'] + ")"
+                )
+                raise cherrypy.HTTPError("500", "Configuration Error, contact administrator")
+        return ldap_client