Pure python, LDAP connection and ORM for Flask Applications

Project description

Flask-LDAPConn is a Flask extension that provides an ldap3 (a pure-Python LDAP v3 client) connection for accessing LDAP servers.

To abstract access to LDAP data this extension provides a simple ORM model.

Installation

pip install flask-ldapconn

Configuration

Your configuration should be declared within your Flask config. Sample configuration:

import ssl

LDAP_SERVER = 'localhost'
LDAP_PORT = 389
LDAP_BINDDN = 'cn=admin,dc=example,dc=com'
LDAP_SECRET = 'forty-two'
LDAP_CONNECT_TIMEOUT = 10  # Honored when the TCP connection is being established
LDAP_USE_TLS = True  # default
LDAP_REQUIRE_CERT = ssl.CERT_NONE  # disables server certificate verification; default: CERT_REQUIRED
LDAP_TLS_VERSION = ssl.PROTOCOL_TLSv1_2  # default: PROTOCOL_TLSv1
LDAP_CERT_PATH = '/etc/openldap/certs'
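
The TLS keys in the sample above decide whether the bind DN and secret travel over a verified channel. The following check is an added example, not part of Flask-LDAPConn: `audit_ldap_config`, `DEFAULTS`, `WEAK_TLS`, `PAGE_SAMPLE` and `HARDENED` are hypothetical names, and the defaults are the ones stated in the comments of the sample configuration.

```python
import ssl

# Legacy protocol constants; getattr() tolerates an ssl module that lacks one.
WEAK_TLS = {getattr(ssl, n, None) for n in
            ('PROTOCOL_SSLv3', 'PROTOCOL_TLSv1', 'PROTOCOL_TLSv1_1')} - {None}

# Defaults as stated in the comments of the sample configuration above.
DEFAULTS = {
    'LDAP_USE_TLS': True,
    'LDAP_REQUIRE_CERT': ssl.CERT_REQUIRED,
    'LDAP_TLS_VERSION': getattr(ssl, 'PROTOCOL_TLSv1', None),
}


def audit_ldap_config(config):
    """Return a list of findings for the LDAP TLS keys of a Flask config mapping."""
    cfg = dict(DEFAULTS)
    cfg.update({k: v for k, v in config.items() if k in DEFAULTS})
    findings = []
    if not cfg['LDAP_USE_TLS']:
        findings.append('LDAP_USE_TLS is disabled: the connection is not '
                        'protected by TLS')
    if cfg['LDAP_REQUIRE_CERT'] != ssl.CERT_REQUIRED:
        findings.append('LDAP_REQUIRE_CERT is not CERT_REQUIRED: server '
                        'certificate verification is not enforced')
    if cfg['LDAP_TLS_VERSION'] in WEAK_TLS:
        how = 'set' if 'LDAP_TLS_VERSION' in config else 'left at its default,'
        findings.append('LDAP_TLS_VERSION is %s a legacy protocol version' % how)
    return findings


# Constructed inputs: the sample configuration from this page and a variant
# that differs only in requiring a verified server certificate.
PAGE_SAMPLE = {
    'LDAP_SERVER': 'localhost',
    'LDAP_PORT': 389,
    'LDAP_USE_TLS': True,
    'LDAP_REQUIRE_CERT': ssl.CERT_NONE,
    'LDAP_TLS_VERSION': ssl.PROTOCOL_TLSv1_2,
    'LDAP_CERT_PATH': '/etc/openldap/certs',
}
HARDENED = dict(PAGE_SAMPLE, LDAP_REQUIRE_CERT=ssl.CERT_REQUIRED)

if __name__ == '__main__':
    for name, cfg in (('page sample', PAGE_SAMPLE), ('hardened', HARDENED)):
        print(name, audit_ldap_config(cfg) or 'no findings')
```

Passing `app.config` to the function before `LDAPConn(app)` is created lets an application refuse to start on a weak setting.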

To always get entry attribute values as a list, even when the attribute holds only one item, set:

FORCE_ATTRIBUTE_VALUE_AS_LIST = True

Default is False and will return a string if only one item is in the attribute list.

Setup

Create the LDAP instance in your application.

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

Client sample

from flask import Flask
from flask_ldapconn import LDAPConn
from ldap3 import SUBTREE

app = Flask(__name__)
ldap = LDAPConn(app)

@app.route('/')
def index():
    ldapc = ldap.connection
    basedn = 'ou=people,dc=example,dc=com'
    search_filter = '(objectClass=posixAccount)'
    attributes = ['sn', 'givenName', 'uid', 'mail']
    ldapc.search(basedn, search_filter, SUBTREE,
                 attributes=attributes)
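    response = ldapc.response
    # A Flask view must return a response; report how many entries matched
    return '{} entries found'.format(len(response))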

User model samples

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

class User(ldap.Entry):

    base_dn = 'ou=people,dc=example,dc=com'
    object_classes = ['inetOrgPerson']

    name = ldap.Attribute('cn')
    email = ldap.Attribute('mail')
    userid = ldap.Attribute('uid')
    surname = ldap.Attribute('sn')
    givenname = ldap.Attribute('givenName')

with app.app_context():

    # get a list of entries
    entries = User.query.filter('email: *@example.com').all()
    for entry in entries:
        print('Name: {}'.format(entry.name))

    # get the first entry
    user = User.query.filter('userid: user1').first()

    # new entry
    new_user = User(
        name='User Three',
        email='user3@example.com',
        userid='user3',
        surname='Three',
        givenname='User'
    )
    new_user.save()

    # modify entry
    mod_user = User.query.filter('userid: user1').first()
    mod_user.name = 'User Number Three'
    mod_user.email.append('u.three@example.com')
    mod_user.givenname.delete()
    mod_user.save()

    # remove entry
    rm_user = User.query.filter('userid: user1').first()
    rm_user.delete()

    # authenticate user
    auth_user = User.query.filter('userid: user1').first()
    if auth_user:
        if auth_user.authenticate('password1234'):
            print('Authenticated')
        else:
            print('Wrong password')

Authenticate with Client

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

username = 'user1'
password = 'userpass'
attribute = 'uid'
# base DN assumed to match the other samples on this page
basedn = 'ou=people,dc=example,dc=com'
search_filter = '(active=1)'

with app.app_context():
    retval = ldap.authenticate(username, password, attribute,
                               basedn, search_filter)
    if not retval:
        print('Invalid credentials.')
    else:
        print('Welcome %s.' % username)

Bind as user

To bind as a user for the current request, create a new connection and assign it to flask.g.ldap_conn:

from flask import g

g.ldap_conn = ldap.connect(userdn, password)
user = User.query.get(userdn)

Unit Test

I use a simple Docker image to run the tests on localhost. The test file test_flask_ldapconn.py tries to handle start and stop of the docker container:

pip install docker-py
docker pull rroemhild/test-openldap
python test_flask_ldapconn.py

Run the Docker container manually:

docker run --privileged -d -p 389:389 --name flask_ldapconn rroemhild/test-openldap
DOCKER_RUN=False python test_flask_ldapconn.py

Unit test with your own settings from a file:

LDAP_SETTINGS=my_settings.py python test_flask_ldapconn.py

Contribute

  1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.

  2. Fork the repository on GitHub to start making your changes.

  3. Write a test which shows that the bug was fixed or that the feature works as expected.

  4. Send a pull request and bug the maintainer until it gets merged and published.

Download files

Source Distribution

flask_ldapconn-0.10.2.tar.gz (10.6 kB view details)

Uploaded Source

Built Distribution

Flask_LDAPConn-0.10.2-py3-none-any.whl (10.4 kB view details)

Uploaded Python 3

File details

Details for the file flask_ldapconn-0.10.2.tar.gz.

File metadata

  • Download URL: flask_ldapconn-0.10.2.tar.gz
  • Upload date:
  • Size: 10.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.12.3

File hashes

Hashes for flask_ldapconn-0.10.2.tar.gz
Algorithm Hash digest
SHA256 1df0cdeaeb9b7b996709de1283d35d60711ebb1dd5a2c935e1186d31b601d60a
MD5 1dbda53ee487b15997ae7840c6d88f71
BLAKE2b-256 4e9464d6145e297d9b5f9792ada260e53690cfd5a8167af4b226962f970b2ae8

File details

Details for the file Flask_LDAPConn-0.10.2-py3-none-any.whl.

File hashes

Hashes for Flask_LDAPConn-0.10.2-py3-none-any.whl
Algorithm Hash digest
SHA256 6fa07788835fbb6ca8f9372cd5b8912155c7f33324ee1fe7924eb76e2ea56a14
MD5 91a28bc6a48e54ff9880529f72b7975f
BLAKE2b-256 977da4ca922fb33aa88204a51e9bbfbeddd82b3018f6b43aef724551704b020c
