A library to restrict your flask pages by LDAP groups
Project description
# Flask LDAP View
A library to restrict your flask pages by LDAP groups
A more full example that includes Flask-Login can be found [here](https://github.com/sonance207/Flask_LDAP_View/blob/master/examples/example_Flask_LDAP_View.py).
## Installation
Install the extension with the following command:
```sh
$ pip install Flask_LDAP_View
```
## Usage
We start the Flask LDAP View by instantiating it and telling it about our Flask app:
```python
from flask import Flask, g, redirect, session
from Flask_LDAP_View import LDAP_VIEW
app = Flask(__name__)
ldap = LDAP_VIEW(app)
```
Next we have to import our LDAP configuration
```python
#Service account to search ldap tree
app.config['LDAP_HOST'] = 'ldap://127.0.0.1:389/'
app.config['LDAP_BASE_DN'] = 'OU=Admins,OU=Users,DC=exampleDC,DC=local'
app.config['LDAP_USERNAME'] = 'CN=User,OU=Admins,OU=Users,DC=exampleDC,DC=local'
app.config['LDAP_PASSWORD'] = 'password'
#Splash page to appear when user access a unauthorized resource
app.config['LDAP_UNAUTHORIZED_REDIRECT'] = '/unauthorized'
```
After that we will add our before request,views, and login
```python
@app.before_request
def before_request():
try:
g.user_memberof = session['user_memberof']
except:
session['user_memberof'] = None
g.user_memberof = session['user_memberof']
@app.route('/')
def index():
return 'Successfully logged in!'
@app.route('/unauthorized')
def unauthorized():
return 'You are unauthorized to access this page'
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
if request.method == 'POST':
username = request.form['user']
passwd = request.form['passwd']
g.user_memberof = ldap.bind_user(username, passwd)
if type(g.user_memberof) == ValueError:
flash(g.user_memberof.message)
return redirect('/login')
session['user_memberof'] = g.user_memberof
flash('You have successfully logged in')
return redirect('/')
else:
redirect('/login')
return """<form action="" method="post">
user: <input name="user"><br>
password:<input type="password" name="passwd"><br>
<input type="submit" value="Submit"></form>"""
```
Now we're ready to define our views. In this example we are restricting access to the
QA group
```python
@app.route('/group')
@ldap.group_required(['QA'])
def group():
return 'You have been granted access to the Group restricted page '
```
You keep even use Flask-Login alongside with it.
```python
@app.route('/group')
@login_required
@ldap.group_required(['QA'])
def group():
return 'You have been granted access to the Group restricted page '
```
A more full example that includes Flask-Login can be found [here](https://github.com/sonance207/Flask_LDAP_View/blob/master/examples/example_Flask_LDAP_View.py).
A library to restrict your flask pages by LDAP groups
A more full example that includes Flask-Login can be found [here](https://github.com/sonance207/Flask_LDAP_View/blob/master/examples/example_Flask_LDAP_View.py).
## Installation
Install the extension with the following command:
```sh
$ pip install Flask_LDAP_View
```
## Usage
We start the Flask LDAP View by instantiating it and telling it about our Flask app:
```python
from flask import Flask, g, redirect, session
from Flask_LDAP_View import LDAP_VIEW
app = Flask(__name__)
ldap = LDAP_VIEW(app)
```
Next we have to import our LDAP configuration
```python
#Service account to search ldap tree
app.config['LDAP_HOST'] = 'ldap://127.0.0.1:389/'
app.config['LDAP_BASE_DN'] = 'OU=Admins,OU=Users,DC=exampleDC,DC=local'
app.config['LDAP_USERNAME'] = 'CN=User,OU=Admins,OU=Users,DC=exampleDC,DC=local'
app.config['LDAP_PASSWORD'] = 'password'
#Splash page to appear when user access a unauthorized resource
app.config['LDAP_UNAUTHORIZED_REDIRECT'] = '/unauthorized'
```
After that we will add our before request,views, and login
```python
@app.before_request
def before_request():
try:
g.user_memberof = session['user_memberof']
except:
session['user_memberof'] = None
g.user_memberof = session['user_memberof']
@app.route('/')
def index():
return 'Successfully logged in!'
@app.route('/unauthorized')
def unauthorized():
return 'You are unauthorized to access this page'
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
if request.method == 'POST':
username = request.form['user']
passwd = request.form['passwd']
g.user_memberof = ldap.bind_user(username, passwd)
if type(g.user_memberof) == ValueError:
flash(g.user_memberof.message)
return redirect('/login')
session['user_memberof'] = g.user_memberof
flash('You have successfully logged in')
return redirect('/')
else:
redirect('/login')
return """<form action="" method="post">
user: <input name="user"><br>
password:<input type="password" name="passwd"><br>
<input type="submit" value="Submit"></form>"""
```
Now we're ready to define our views. In this example we are restricting access to the
QA group
```python
@app.route('/group')
@ldap.group_required(['QA'])
def group():
return 'You have been granted access to the Group restricted page '
```
You keep even use Flask-Login alongside with it.
```python
@app.route('/group')
@login_required
@ldap.group_required(['QA'])
def group():
return 'You have been granted access to the Group restricted page '
```
A more full example that includes Flask-Login can be found [here](https://github.com/sonance207/Flask_LDAP_View/blob/master/examples/example_Flask_LDAP_View.py).
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Flask_LDAP_View-0.3.tar.gz
(3.1 kB
view details)
File details
Details for the file Flask_LDAP_View-0.3.tar.gz.
File metadata
- Download URL: Flask_LDAP_View-0.3.tar.gz
- Upload date:
- Size: 3.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 8a3aa09316a12a9d3af1a06014a93df7ffc4ab6f744b0f57853f557ec15a6f32 |
|
| MD5 | 34e19c7a4dc5717b950c9e434243e3b7 |
|
| BLAKE2b-256 | 844b04fa34948bee69ebf14a3be760cbd8e493c779be2f68e78b755fa4a3dcd3 |
