PapaTutuWawa/etesync-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Implement authentication with LDAP

Browse Source 
Enable an additional lookup against an LDAP directory
during login and user creation to ensure that only
specific users can login and register on the EteBase
server instance.
This commit is contained in:
PapaTutuWawa
2020-11-06 15:22:26 +01:00
parent 801826b8b6
commit 1fef1e2b7a
5 changed files with 98 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
django_etebase/utils.py
View File

@@ -2,6 +2,7 @@ from django.contrib.auth import get_user_model
from django.core.exceptions import PermissionDenied
from . import app_settings
from .ldap import LDAPConnection
User = get_user_model()
@@ -15,6 +16,11 @@ def get_user_queryset(queryset, view):
def create_user(*args, **kwargs):
# Check if the LDAP query returns exactly one user
if app_settings.USE_LDAP:
if not LDAPConnection.get_instance().has_user(kwargs['username']):
raise PermissionDenied('User is not listed in the LDAP registry.')
custom_func = app_settings.CREATE_USER_FUNC
if custom_func is not None:
return custom_func(*args, **kwargs)