Project description

OS Dependencies

Debian

apt install python3-dev libldap2-dev libsasl2-dev

Centos

yum install python3-devel openldap-devel.x86_64 libgsasl-devel.x86_64

Alpine

apk add musl-dev openldap-dev gcc libgsasl-dev

Install

pip install Flask-LDAPAuth

Settings

App configs

NAME	Default
LDAP_URL	None
LDAP_ROOTDN	None
LDAP_USERDN	None
LDAP_GROUP	False
LDAP_START_TLS	True
LDAP_USER_FILTER	'cn'
LDAP_TIMEOUT	10
SECRET_KEY	None
LDAP_TOKEN_EXPIRE	8

Examples

Simple User Authentication

from flask import Flask, jsonify, make_response
from flask_ldapauth import LDAPAuth

app = Flask(__name__)

app.config['LDAP_URL'] = "ldap://localhost:389"
app.config['LDAP_ROOTDN'] = "dc=localhost"
app.config['LDAP_USERDN'] = "ou=People,dc=localhost"

auth = LDAPAuth(app)

@app.route('/login')
def index():
    user = auth.connect(username='nmacias',
                        password='password')

    if user is False:
        return jsonify({'mesg': 'invalid username or password'}), 401

    return jsonify({'mesg': 'login'})

def run():
    app.config['DEBUG'] = True
    app.config['ENV'] = 'development'
    app.run()


def main():
    run()


if __name__ == '__main__':
    main()

Advance User Authenciation

Only allow user if part of a group
Create auth token cookies
Protect routes
Return JSON data on protected routes

from flask import Flask, jsonify, make_response
from flask_ldapauth import LDAPAuth

app = Flask(__name__)


app.config['LDAP_URL'] = "ldap://localhost:389"
app.config['LDAP_ROOTDN'] = "dc=localhost"
app.config['LDAP_USERDN'] = "ou=People,dc=localhost"
app.config['LDAP_GROUP'] = "admins"

app.config['SECRET_KEY'] = 'supersecretkey'

auth = LDAPAuth(app)


@app.route('/protected', methods=['GET', 'POST'])
@auth.protected(data=True)
def propected(data):

    return jsonify({'mesg': 'Top secret', 'name': data['name']})


@app.route('/login')
def login():
    user = auth.connect(username='nmacias',
                        password='password', return_user=True)

    if user is False:
        return jsonify({'mesg': 'invalid username or password'}), 401

    token = auth.token.create(payload=user)

    response = make_response(jsonify({'token': token}))

    response.set_cookie('token', value=token, httponly=True)

    return response


@app.route('/logout')
def logout():

    response = make_response(jsonify({}))
    response.set_cookie('token', expires=0)

    return response


@app.route('/validate/<token>')
def validate(token):

    token_validate = auth.token.validate(token=token)

    if token_validate is False:
        return jsonify({'mesg': 'Invalid token'}), 401

    return jsonify({})


def run():
    app.config['DEBUG'] = True
    app.config['ENV'] = 'development'
    app.run()


def main():
    run()


if __name__ == '__main__':
    main()

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

0.0.3

Mar 15, 2021

0.0.2

Mar 15, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-LDAPAuth-0.0.3.tar.gz (4.2 kB view hashes)

Uploaded Mar 15, 2021 Source

Built Distribution

Flask_LDAPAuth-0.0.3-py3-none-any.whl (4.3 kB view hashes)

Uploaded Mar 15, 2021 Python 3

Hashes for Flask-LDAPAuth-0.0.3.tar.gz

Hashes for Flask-LDAPAuth-0.0.3.tar.gz
Algorithm	Hash digest
SHA256	`7988fbda81772f41aad90ff81ab3e1259831562a2a2a37884d0a5666164407bd`
MD5	`38788067bed0453c39f00b1de1146145`
BLAKE2b-256	`ccad3d1f3d3bb639e06647d98c1d609930e642f5cb2751f9fddd5564506984f7`

Hashes for Flask_LDAPAuth-0.0.3-py3-none-any.whl

Hashes for Flask_LDAPAuth-0.0.3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`783814d3366661f85c616d33ff2b178af3447b8c242a44c29c12cd1755fce3f0`
MD5	`b3f12c93534544ef7b97781526811b5e`
BLAKE2b-256	`6bf61f4a916a0b77c61dadc9ba1d22e8af814848d2ebad6d572b5c985135abc8`